CVE-2024-35433 Information

Description

ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Incorrect Access Control. An authenticated user without the permissions of managing users can create a new admin user.

Reference

https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35433.md