CVE-2024-35428

Publication date

2024-05-30 17:02:20

Family

mitre

State

PUBLISHED

Description

ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via BaseMediaFile. An authenticated user can delete local files from the server which can lead to DoS.