| 제목 | ZKteco biotime 9.0.1 Exposure of Access Control List Files to an Unauthorized Control |
|---|
| 설명 | Vendor of Product: Biotime
Version: 9.0.1
Description:
There is a vulnerability that allows unauthorized access to sensitive images without proper security permissions. This issue arises when a site administrator adds a user or an employee captures their picture. Consequently, an attacker can view all images by guessing the image URLs, effectively circumventing security measures.
Vulnerability Details:
The vulnerability can be exploited by performing a brute force attack on the image URLs. For example, by accessing the following URL pattern:
bash
Copy code
http://time.xmzkteco.com:8097/auth_files/photo/*
An attacker can brute-force the image names, trying variations such as name.jpg with numbers from 0 to 1000 or more, leading to access to images like:
bash
Copy code
http://time.xmzkteco.com:8097/auth_files/photo/109.jpg
This allows an attacker to retrieve all images stored on the server.
Proof of Concept (PoC):
Using the URL pattern mentioned above, an attacker can sequentially access image files without authentication.
Dorks:
Shodan query:
http.title:"biotime"
Reported by: CyberSecurity Center - MOI Iraq |
|---|
| 원천 | ⚠️ https://gist.githubusercontent.com/whiteman007/f7a85252fed91deff6eb3f20596710b0/raw/b7c8a7f53d3316cfd2da1cae9bcf583d923860b7/biotime%25209.0.1 |
|---|
| 사용자 | Cybersecurity Center - MOI Iraq (UID 76965) |
|---|
| 제출 | 2024. 10. 31. PM 05:58 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 11. 09. AM 11:21 (9 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 283662 [ZKTeco ZKBio Time 9.0.1 Image File /auth_files/photo/ 권한 상승] |
|---|
| 포인트들 | 20 |
|---|