Iobit Iotransfer vulnerabilities
2 known vulnerabilities affecting iobit/iotransfer.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2022-24562P1CRITICALCVSS 9.8PoCv4.3.1.15612022-06-16
CVE-2022-24562 [CRITICAL] CWE-306 CVE-2022-24562: In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airser
In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim's endpoint, which can result in data theft and remote code execution.
nvd
CVE-2022-37197P3HIGHCVSS 7.8PoCv4.02022-11-18
CVE-2022-37197 [HIGH] CWE-428 CVE-2022-37197: IOBit IOTransfer V4 is vulnerable to Unquoted Service Path.
IOBit IOTransfer V4 is vulnerable to Unquoted Service Path.
nvd