Security Advisory
CVE-2024-13966
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
ZKTeco BioTime allows unauthenticated attackers to enumerate usernames and log in as any user with a password unchanged from the default value 123456. Users should change their passwords (located under the Attendance Settings tab as "Self-Password").