Description
In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim's endpoint, which can result in data theft and remote code execution.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Sun, 05 Jul 2026 00:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-07-09T00:17:14.510Z
Reserved: 2022-02-07T00:00:00.000Z
Link: CVE-2022-24562
No data.
Status : Modified
Published: 2022-06-16T19:15:07.723
Modified: 2026-06-17T04:32:06.690
Link: CVE-2022-24562
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-306
Missing Authentication for Critical Function