CVE-2022-50901

High CVSS: 8.5

Wondershare Dr.Fone 11.4.9 contains an unquoted service path vulnerability in the DFWSIDService that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone\ to inject malicious executables that would run with LocalSystem privileges.

Vendor

Wondershare

Product

Dr.fone

CWE

CWE-428

Yayın Tarihi

2026-01-13 23:15:52

Güncelleme

2026-01-28 19:54:00

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-428 Dr.fone HIGH Wondershare 2026

Referanslar

https://www.exploit-db.com/exploits/50755 https://www.vulncheck.com/advisories/wondershare-drfone-dfwsidservice-unquoted-service-path https://www.wondershare.com/

Benzer Kayıtlar

High

CVE-2019-25344

Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executa…

High

CVE-2022-50900

Wondershare Dr.Fone 12.0.18 contains an unquoted service path vulnerability that allows local users to execute arbitrary…

High

CVE-2022-50903

Wondershare MobileTrans 3.5.9 contains an unquoted service path vulnerability in the ElevationService that allows local…

Critical

CVE-2025-10643

Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability. This vulnerability allows remo…

Critical

CVE-2025-10644

Wondershare Repairit SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability. This vulnerability a…

High

CVE-2025-5180

A vulnerability, which was classified as critical, has been found in Wondershare Filmora 14.5.16. Affected by this issue…