CVE-2020-37086

Name of the Vulnerable Software and Affected Versions Easy Transfer version 1.7 for iOS

Description A directory traversal issue allows remote attackers to access unauthorized file system paths without authentication. This is achieved by manipulating path parameters in 'GET' and 'POST' requests, enabling the listing or downloading of sensitive system files and the injection of malicious scripts into application parameters.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.