Remote Information Exposure in ZKTeco ZKTime Product
CVE-2017-14680
7.5HIGH
What is CVE-2017-14680?
The ZKTeco ZKTime Web 2.0.1.12280 is vulnerable to remote information exposure, where attackers can exploit a direct request for a PDF document to access sensitive employee metadata. This vulnerability potentially allows unauthorized individuals to obtain critical information about personnel, raising serious security concerns for organizations using this product.
