An IDOR vulnerability has been found in ZKTeco ZEM800 product affecting version 6.60. This vulnerability allows a local attacker to obtain registered user backup files or device configuration files over a local network or through a VPN server.
References
Link | Resource |
---|---|
https://www.incibe.es/en/incibe-cert/notices/aviso/insecure-direct-object-reference-zkteco-zem800 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: INCIBE
Published: 2023-09-04T11:23:06.896Z
Updated: 2024-06-04T17:27:24.326Z
Reserved: 2023-08-29T07:42:12.425Z
Link: CVE-2023-4587
JSON object: View
NVD Information
Status : Modified
Published: 2023-09-04T12:15:10.760
Modified: 2024-06-04T19:17:54.610
Link: CVE-2023-4587
JSON object: View
Redhat Information
No data.
CWE