CVE-2020-23038

HIGH

Swift File Transfer Mobile <1.1.2 - Info Disclosure

Title source: llm
STIX 2.1

Description

Swift File Transfer Mobile v1.1.2 and below was discovered to contain an information disclosure vulnerability in the path parameter. This vulnerability is exploited via an error caused by including non-existent path environment variables.

References (1)

Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.vulnerability-lab.com/get_content.php?id=2205

Scores

CVSS v3 7.5
EPSS 0.0294
EPSS Percentile 85.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-22
Status published
Products (2)
kumilabs/swift_file_transfer < 1.0.19
kumilabs/swift_file_transfer < 1.1.2 (2 CPE variants)
Published Oct 22, 2021
Tracked Since Feb 18, 2026