MidnightBSD

Advisories for kumilabs

CVE-2020-23038 MEDIUM

Swift File Transfer Mobile v1.1.2 and below was discovered to contain an information disclosure vulnerability in the path parameter. This vulnerability is exploited via an error caused by including non-existent path environment variables.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
kumilabs swift_file_transfer *