VYPR

IOTransfer

by Iobit

CVEs (2)

  • CVE-2022-24562Jun 16, 2022
    risk 0.07cvss epss 0.53

    In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim's endpoint, which can result in data theft and remote code execution.

  • CVE-2022-37197Nov 18, 2022
    risk 0.03cvss epss 0.01

    IOBit IOTransfer V4 is vulnerable to Unquoted Service Path.