CVE-2022-30515 Information

Description

ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos allowing an attacker to view them through filename enumeration.

Reference

https://www.zkteco.me/software-5 https://codingkoala.eu/posts/CVE202230515/