A path traversal vulnerability in ZKTeco BioTime v8.5.5 allows malicious users to write arbitrary files via using a malicious SFTP configuration.
zkteco biotime 8.5.5