← Back

Iotransfer

iotransfer

Vendor: Iobit • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-37197
1Iobit
1Iotransfer
Apr 29, 2025
Nov 18, 2022
N/A· v4
7.8 HIGH· v3
N/A· v2
IOBit IOTransfer V4 is vulnerable to Unquoted Service Path.
CVE-2022-24562
1Iobit
1Iotransfer
Nov 21, 2024
Jun 16, 2022
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim's endpoint, which...Show more
In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim's endpoint, which can result in data theft and remote code execution.Show less