Vulnerabilities > Zkteco

DATE	CVE	VULNERABILITY TITLE	RISK
2017-09-26	CVE-2017-13129	Cross-Site Request Forgery (CSRF) vulnerability in Zkteco Zktime web 2.0.1.12280 Cross-site request forgery (CSRF) vulnerability in ZKTeco ZKTime Web 2.0.1.12280 allows remote authenticated users to hijack the authentication of administrators for requests that add administrators by leveraging lack of anti-CSRF tokens. network low complexity zkteco CWE-352	8.0
2017-09-21	CVE-2017-14680	Information Exposure vulnerability in Zkteco Zktime web 2.0.1.12280 ZKTeco ZKTime Web 2.0.1.12280 allows remote attackers to obtain sensitive employee metadata via a direct request for a PDF document. network low complexity zkteco CWE-200	7.5

Vulnerabilities > Zkteco {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Zkteco"}]}