Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-37197 | 1 Iobit | 1 Iotransfer | 2022-11-29 | N/A | 7.8 HIGH |
IOBit IOTransfer V4 is vulnerable to Unquoted Service Path. | |||||
CVE-2022-24562 | 1 Iobit | 1 Iotransfer | 2022-10-27 | 10.0 HIGH | 9.8 CRITICAL |
In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim's endpoint, which can result in data theft and remote code execution. |