Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Insecure direct object reference in ZKTeco ZEM800
Vulnerability Description
An IDOR vulnerability has been found in ZKTeco ZEM800 product affecting version 6.60. This vulnerability allows a local attacker to obtain registered user backup files or device configuration files over a local network or through a VPN server.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
ZKTeco ZEM800 安全漏洞
Vulnerability Description
ZKTeco ZEM800是ZKTeco公司的一款生物识别设备,主要用于门禁控制和考勤管理系统。 ZKTeco ZEM800 6.60版本存在安全漏洞,该漏洞源于允许本地攻击者通过本地网络或VPN服务器获取注册用户备份文件或设备配置文件。
CVSS Information
N/A
Vulnerability Type
N/A