An issue in ZKTeco BioTime v.8.5.4 allows a remote attacker to obtain sensitive information.
An attacker can perform a brute-force attack with common usernames, or may use census data of common last names and append each letter of the alphabet to generate valid username lists.
Vulnerability path:
https://[org_domain]/forgetPassword
This vulnerability was tested and found on version 8.5.4.
Send a simple POST request to the "/forgetPassword" endpoint containing a valid username together with an invalid email address.
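As an added detection example (not part of this advisory or of the BioTime product), the following Python flags a client that submits many different usernames to the /forgetPassword endpoint within a short window, which is the pattern the username brute-force described above would leave in logs. The log format and the sample lines are constructed for illustration; a real deployment would adapt parse_line to its own application or proxy log format.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in a hypothetical application-log format:
# "<ISO-8601 timestamp> <client IP> <method> <path> [user=<submitted username>]"
SAMPLE_LOG = """\
2024-05-01T10:00:01Z 203.0.113.5 POST /forgetPassword user=smitha
2024-05-01T10:00:02Z 203.0.113.5 POST /forgetPassword user=smithb
2024-05-01T10:00:03Z 203.0.113.5 POST /forgetPassword user=smithc
2024-05-01T10:00:04Z 198.51.100.7 GET /forgetPassword
2024-05-01T10:00:05Z 203.0.113.5 POST /forgetPassword user=smithd
2024-05-01T10:00:06Z 198.51.100.7 POST /forgetPassword user=jdoe
2024-05-01T10:00:07Z 203.0.113.5 POST /forgetPassword user=smithe
2024-05-01T10:00:30Z 198.51.100.7 POST /forgetPassword user=jdoe
"""
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<ip>\S+) (?P<method>[A-Z]+) (?P<path>\S+)(?: user=(?P<user>\S+))?$"
)

def parse_line(line):
    """Parse one log line into a dict, or return None if it does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return rec

def find_enumeration(log_text, window=timedelta(minutes=5), min_distinct_users=5):
    """Return {client_ip: sorted usernames} for clients that POST at least min_distinct_users different usernames to /forgetPassword within window."""
    attempts = defaultdict(list)  # ip -> [(timestamp, username), ...]
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["method"] != "POST" or rec["path"] != "/forgetPassword" or not rec["user"]:
            continue
        attempts[rec["ip"]].append((rec["ts"], rec["user"]))
    flagged = {}
    for ip, events in attempts.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward so events[start:end+1] spans at most `window`
            while events[end][0] - events[start][0] > window:
                start += 1
            # Count distinct usernames, so one user retrying their own reset is not flagged
            users = {user for _, user in events[start:end + 1]}
            if len(users) >= min_distinct_users:
                flagged[ip] = sorted(users)
                break
    return flagged
```

The thresholds are starting points; the distinct-username count is what separates enumeration from a legitimate user retrying a reset, and it pairs naturally with rate limiting on the endpoint as a mitigation.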
Abdulwahab Alismaeel from Jahez International Company