Unrated severityNVD Advisory· Published Jun 16, 2022· Updated Aug 3, 2024
CVE-2022-24562
CVE-2022-24562
Description
In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim's endpoint, which can result in data theft and remote code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- IOBit/IOTransferdescription
- Range: = 4.3.1.1561
Patches
Vulnerability mechanics
References
4- iobit.commitrex_refsource_MISC
- iotransfer.commitrex_refsource_MISC
- packetstormsecurity.com/files/167775/IOTransfer-4.0-Remote-Code-Execution.htmlmitrex_refsource_MISC
- medium.com/%40tomerp_77017/exploiting-iotransfer-insecure-api-cve-2022-24562-a2c4a3f9149dmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.