Advisory #44
Titletransfer.sh arbitrary file deletion via path traversal
CVE IDCVE-2021-33497
VendorDutchcoders
Affected producttransfer.sh
Affected versions- 1.2.3
Vulnerability typeCWE-22 (Path Traversal)
Descriptiontransfer.sh has a vulnerability that allows an attacker to delete arbitrary file on the system via path traversal.
StatusFixed in 1.2.4
RecommendationUpdate to 1.2.4 or above.