CVE-2022-24562

CRITICAL

IOBit IOTransfer 4.3.1.1561 - Unauthenticated Arbitrary File Read/Write via Airserv API

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-24562. PoCs published by Tomer Peled.

AI-analyzed exploit summary: This exploit targets CVE-2022-24562 in IOTransfer V4, allowing unauthenticated remote code execution via file upload/download operations. It leverages improper access controls in the application's API to upload a malicious DLL or download arbitrary files.

Description

In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim's endpoint, which can result in data theft and remote code execution.

Exploits (1)

exploitdb WORKING POC
by Tomer Peled · python · remote · windows
https://www.exploit-db.com/exploits/50974

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: IOTransfer V4 and onward
No auth needed
Prerequisites: Network access to the target's IOTransfer service (port 7193) · A malicious DLL payload for upload
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Product, Vendor Advisory x_refsource_misc
http://iobit.com
Broken Link x_refsource_misc
http://iotransfer.com
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/167775/IOTransfer-4.0-Remote-Code-Execution.html

Scores

CVSS v3 9.8
EPSS 0.5307
EPSS Percentile 98.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE CWE-306
Status published
Products (1)
iobit/iotransfer 4.3.1.1561
Published Jun 16, 2022
Tracked Since Feb 18, 2026