ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an malicious user to view them through filename enumeration.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zkteco biotime 8.5.4 |
||
zkteco biotime 8.5.5 |