CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7998
https://notcve.org/view.php?id=CVE-2020-7998
An arbitrary file upload vulnerability has been discovered in the Super File Explorer app 1.0.1 for iOS. The vulnerability is located in the developer path that is accessible and hidden next to the root path. By default, there is no password set for the FTP or Web UI service. Se ha detectado una vulnerabilidad de carga de archivo arbitraria en la aplicación Super File Explorer versión 1.0.1 para iOS. La vulnerabilidad se presenta en la ruta del desarrollador que es accesible y oculta al lado de la ruta root. • https://apps.apple.com/us/app/super-file-explorer-file-viewer-file-manager/id1101973946 https://gist.github.com/adeshkolte/9e60b2483d2f20d1951beac0fc917c6f • CWE-434: Unrestricted Upload of File with Dangerous Type •