ZKTeco ZKBioSecurity Cross-Site Request Forgery Vulnerability Allowing Unauthorized Superadmin Access
Vulnerability
A cross-site request forgery (CSRF) vulnerability has been identified in ZKTeco ZKBioSecurity version 3.0.1.0_R_230. The user-management action does not verify that a state-changing request originated from the application itself (for example by requiring an anti-CSRF token), so an attacker can make a logged-in user's browser submit a crafted HTTP request that creates a new superadmin account. The victim only has to visit an attacker-controlled page while holding a valid session; the browser attaches the session cookie automatically and the application accepts the request as if the user had submitted it, granting the attacker unauthorized administrative access.
Impact
Successful exploitation gives the attacker unauthorized administrative access: the forged request adds a superadmin account that the attacker controls, and with it every action the superadmin role permits in the application.
Reproduction
To reproduce this vulnerability, an authenticated user whose session is allowed to manage accounts must be persuaded to visit a malicious page that automatically submits a crafted HTTP request to the ZKBioSecurity application. The request targets the 'authUserAction!edit.action' endpoint and carries the data needed to create a superadmin account (username, password, and the other required fields). Because the victim's browser attaches the session cookie and the endpoint performs no origin or token check, the request is processed; the attacker can then log in with the newly created superadmin account. The new account appearing in the application's user list confirms the issue.
