Vulnerabilities > Zkteco > Zkbiosecurity V5000
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-07 | CVE-2022-36635 | SQL Injection vulnerability in Zkteco Zkbiosecurity V5000 4.1.3 ZKteco ZKBioSecurity V5000 4.1.3 was discovered to contain a SQL injection vulnerability via the component /baseOpLog.do. | 8.8 |
2022-10-07 | CVE-2022-36634 | Incorrect Authorization vulnerability in Zkteco Zkbiosecurity V5000 3.0.5.0R An access control issue in ZKTeco ZKBioSecurity V5000 3.0.5_r allows attackers to arbitrarily create admin users via a crafted HTTP request. | 8.8 |