PT-2023-4124 · Zkteco · Zkteco Biotime

Published: 2023-08-01 · Updated: 2025-12-17 · CVE-2023-38952

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: ZKTeco BioTime versions 8.5.5 through 9.0.1

Description: An issue exists in ZKTeco BioTime where access controls are improperly configured. This allows authenticated attackers to elevate their privileges because session identifiers are not validated based on user type. Restrictions between non-administrative and administrative users are not enforced, enabling any authenticated user to execute administrative functions by directly accessing administrative endpoints. The default employee credentials (password '123456') can be used to log in. Exploitation can allow an attacker to read sensitive backup files and access sensitive information, such as user credentials, by sending a crafted HTTP request to the static files resources.

Recommendations: ZKTeco BioTime version 8.5.5: Apply appropriate access controls and restrict access to administrative endpoints. ZKTeco BioTime versions 8.5.6 through 9.0.1: Apply appropriate access controls and restrict access to administrative endpoints.
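The weakness class described above, a valid session being treated as sufficient authorization for administrative endpoints, is illustrated below with a constructed example (not BioTime's code): the weak check beside the per-user-type check the recommendation calls for, plus a log review that flags non-admin sessions that successfully reached admin-only paths. Session identifiers, user names, endpoint paths and log lines are all placeholders invented for this example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Session:
    session_id: str
    username: str
    is_admin: bool


# Constructed session store: one administrative and one employee session.
SESSIONS = {
    "sess-admin-001": Session("sess-admin-001", "admin", True),
    "sess-emp-002": Session("sess-emp-002", "employee", False),
}

# Placeholder administrative paths; these are not BioTime's real endpoints.
ADMIN_ONLY_PATHS = {"/admin/users", "/admin/backup"}


def authorize_weak(session_id: str, path: str) -> bool:
    """Weak pattern from the advisory: any valid session reaches any path,
    so an employee session can call administrative functions."""
    return session_id in SESSIONS


def authorize_fixed(session_id: str, path: str) -> bool:
    """Hardened pattern: the user type is checked on every request to an
    administrative path, not just the presence of a session."""
    session = SESSIONS.get(session_id)
    if session is None:
        return False
    if path in ADMIN_ONLY_PATHS:
        return session.is_admin
    return True


def flag_admin_path_hits(log_lines):
    """Detection over constructed access-log lines of the form
    'session_id METHOD path status': report every successful (200) request
    to an admin-only path that did not come from an administrative session."""
    findings = []
    for line in log_lines:
        sid, _method, path, status = line.split()
        session = SESSIONS.get(sid)
        if path in ADMIN_ONLY_PATHS and status == "200":
            if session is None or not session.is_admin:
                findings.append((sid, path))
    return findings
```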

Exploit

Fix

LPE

Files Accessible to External Parties

Improper Access Control

Weakness Enumeration

Related Identifiers

BDU:2023-04433
CVE-2023-38952

Affected Products

Zkteco Biotime