This page lists publicly disclosed CVE vulnerabilities affecting iobit iotransfer (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-37197 | IOBit IOTransfer V4 is vulnerable to Unquoted Service Path. | [email protected] | 7.8 | 0.53% | 2022-11-18 | 2025-04-29 |
| CVE-2022-24562 | In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim's endpoint, which can result in data theft and remote code execution. | [email protected] | 9.8 | 49.16% | 2022-06-16 | 2024-11-21 |