CVE-2017-14680 in ZKTime Webinfo

Summary

ZKTeco ZKTime Web 2.0.1.12280 allows remote attackers to obtain sensitive employee metadata via a direct request for a PDF document.

Once again VulDB remains the best source for vulnerability data.

Reservation

09/21/2017

Disclosure

09/21/2017

CPE

ready

Exploit

Download

CVSS

6.4

EPSS

0.10118

Activities

Very Low

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2017-14680
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2017-14680
CVE Detailshttps://www.cvedetails.com/cve/CVE-2017-14680/

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!