The ZK Framework is an open-source Ajax web application framework written in Java that lets web developers create graphical user interfaces for web applications with minimal effort and programming knowledge. Because the framework is widely used in projects of all sizes and types, the vulnerability has a significant impact.
Several notable products that employ the ZK Framework are affected by this vulnerability, including ConnectWise Recover, version 2.9.7 and earlier, and ConnectWise R1Soft Server Backup Manager, version 6.16.3 and earlier.
CISA has warned that this type of vulnerability is frequently targeted by malicious cyber actors and poses a severe threat to federal enterprises. Organizations are therefore advised to apply the published updates immediately.