๐ CVE-2022-36635 | ZKTeco ZKBiosecurity 4.1.2 /baseOpLog.do opTimeBegin/opTimeEnd sql injection
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: vuldb.com
A vulnerability, which was classified as critical, has been found in ZKTeco ZKBiosecurity 4.1.2. Affected by this issue is some unknown functionality of the file /baseOpLog.do. The manipulation of the argument opTimeBegin/opTimeEnd leads to sql injection. This vulnerability is handled as CVE-2022-36635. The attack may be launched remotely. Furthermore, there is an exploit available. ...