CVE-2022-50900

High CVSS: 8.5

Wondershare Dr.Fone 12.0.18 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path to insert malicious code that will be executed with LocalSystem permissions during service startup.

Vendor

Wondershare

Product

Dr.fone

CWE

CWE-428

Yayın Tarihi

2026-01-13 23:15:52

Güncelleme

2026-01-28 19:59:18

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-428 Dr.fone HIGH Wondershare 2026

Referanslar

https://www.exploit-db.com/exploits/50813 https://www.vulncheck.com/advisories/wondershare-drfone-wondershare-installassist-unquoted-service-path https://www.wondershare.com/

Benzer Kayıtlar

High

CVE-2019-25344

Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executa…

High

CVE-2022-50901

Wondershare Dr.Fone 11.4.9 contains an unquoted service path vulnerability in the DFWSIDService that allows local users…

High

CVE-2022-50903

Wondershare MobileTrans 3.5.9 contains an unquoted service path vulnerability in the ElevationService that allows local…

Critical

CVE-2025-10643

Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability. This vulnerability allows remo…

Critical

CVE-2025-10644

Wondershare Repairit SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability. This vulnerability a…

High

CVE-2025-5180

A vulnerability, which was classified as critical, has been found in Wondershare Filmora 14.5.16. Affected by this issue…