CVE-2020-17474 – A token-reuse vulnerability in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_ …

Vuln ID: CVE-2020-17474

Published:  2020-08-14  20:15:12Z

Description: A token-reuse vulnerability in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to create arbitrary new users, elevate users to administrators, delete users, and download user faces from the database.

Source: NVD.NIST.GOV