CVE-2017-13129

Published: Sep 26, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

Cross-site request forgery (CSRF) vulnerability in ZKTeco ZKTime Web 2.0.1.12280 allows remote authenticated users to hijack the authentication of administrators for requests that add administrators by leveraging lack of anti-CSRF tokens.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20170917 ZKTime_Web Software 2.0 - Cross Site Request Forgery

mailing-list

x_refsource_FULLDISC

20170918 ZKTime_Web Software 2.0 - Cross Site Request Forgery

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-13129

Description

Affected Products

References