Swift File Transfer Mobile v1.1.2 and below was discovered to contain an information disclosure vulnerability in the path parameter. This vulnerability is exploited via an error caused by including non-existent path environment variables.
References
| Link | Resource |
|---|---|
| https://www.vulnerability-lab.com/get_content.php?id=2205 | Exploit Third Party Advisory |
| https://www.vulnerability-lab.com/get_content.php?id=2205 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 05:13
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.vulnerability-lab.com/get_content.php?id=2205 - Exploit, Third Party Advisory |
Information
Published : 2021-10-22 20:15
Updated : 2024-11-21 05:13
NVD link : CVE-2020-23038
Mitre link : CVE-2020-23038
CVE.ORG link : CVE-2020-23038
JSON object : View
Products Affected
kumilabs
- swift_file_transfer
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')