Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2022-42953
HistoryDec 25, 2022 - 12:00 a.m.

CVE-2022-42953

2022-12-2500:00:00
mitre
www.cve.org
8
zkteco
unauthorized access
sensitive information
direct requests

AI Score

7.6

Confidence

High

EPSS

0.034

Percentile

91.5%

JSON

Certain ZKTeco products (ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM) allow access to sensitive information via direct requests for the form/DataApp?style=1 and form/DataApp?style=0 URLs. The affected versions may be before 8.88 (ZEM500-510-560-760, ZEM600-800, ZEM720) and 15.00 (ZMM200-220-210). The fixed versions are firmware version 8.88 (ZEM500-510-560-760, ZEM600-800, ZEM720) and firmware version 15.00 (ZMM200-220-210).

Related

exploitdb 1
zdt 2
cve 1
prion 1
nvd 1
packetstorm 1
exploitdb
exploitdb
ZKTeco ZEM/ZMM 8.88 - Missing Authentication
2023-03-28 00:00:00
zdt
zdt
ZKTeco ZEM500-510-560-760 / ZEM600-800 / ZEM720 / ZMM Missing Authentication Vulnerability
2022-10-25 00:00:00
ZKTeco ZEM/ZMM 8.88 - Missing Authentication Vulnerability
2023-03-28 00:00:00
cve
cve
CVE-2022-42953
2022-12-25 05:15:10
prion
prion
Information disclosure
2022-12-25 05:15:00
nvd
nvd
CVE-2022-42953
2022-12-25 05:15:10
packetstorm
packetstorm
ZKTeco ZEM500-510-560-760 / ZEM600-800 / ZEM720 / ZMM Missing Authentication
2022-10-25 00:00:00

AI Score

7.6

Confidence

High

EPSS

0.034

Percentile

91.5%

JSON
Related for CVELIST:CVE-2022-42953
exploitdb1zdt2cve1prion1nvd1packetstorm1