20 matches found
Wondershare Dr. Fone Code Issue Vulnerability
Wondershare Dr. Fone is a one-stop solution for cell phones from China's Wanxing Wondershare. A code issue vulnerability exists in Wondershare Dr. Fone, which stems from an unquoted service path that can be exploited by an attacker to cause a local user to execute arbitrary code and elevate syste...
EUVD-2021-31418
Malicious code in bioql PyPI...
CVE-2023-27010
Wondershare Dr.Fone v12.9.6 was discovered to contain weak permissions for the service WsDrvInst. This vulnerability allows attackers to escalate privileges via modifying or overwriting the executable...
Wondershare Dr Fone 12.9.6 - Privilege Escalation
Exploit Title: Wondershare Dr Fone 12.9.6 - Privilege Escalation Date: 14 March 2023 Exploit Author: Thurein Soe Vendor Homepage: https://drfone.wondershare.com Software Link: https://mega.nz/file/ZFd1TZIRe2WfCXryaH08C3VNGZH1yAIG6DU01p-MrDooq529I Version: Dr Fone version 12.9.6 Tested on: Window ...
Wondershare Dr Fone 12.9.6 - Privilege Escalation Vulnerability
Exploit Title: Wondershare Dr Fone 12.9.6 - Privilege Escalation Exploit Author: Thurein Soe Vendor Homepage: https://drfone.wondershare.com Software Link: https://mega.nz/file/ZFd1TZIRe2WfCXryaH08C3VNGZH1yAIG6DU01p-MrDooq529I Version: Dr Fone version 12.9.6 Tested on: Window 10 10.0.19045.2604 C...
CVE-2023-27767
An issue found in Wondershare Technology Co.,Ltd Dr.Fone v.12.4.9 allows a remote attacker to execute arbitrary commands via the drfonesetupfull3360.exe file...
Wondershare Dr.Fone 安全漏洞
Wondershare Dr. Fone is a mobile device toolkit software from China Wondershare Technology Wondershare. The software provides applications, transfer data, contacts, messages and other auxiliary functions for the device. A security vulnerability exists in Wondershare Dr.Fone v12.9.6. An attacker...
Wondershare Dr.Fone 12.9.6 Weak Permissions / Privilege Escalation Vulnerability
Executive Summary: Product Name: Wondershare Dr. Fone Vendor Home Page: https://drfone.wondershare.com Affected Versions: Dr Fone version 12.9.6 Vulnerability Type: Execution with Unnecessary Privileges CWE-250 CVE Reference: CVE-2023-27010. Credit: Thurein Soe Vendor Description: Wondershare Dr...
Wondershare Dr Fone 12.9.6 Weak Permissions / Privilege Escalation
Executive Summary: Product Name: Wondershare Dr. Fone Vendor Home Page: https://drfone.wondershare.com Affected Versions: Dr Fone version 12.9.6 Vulnerability Type: Execution with Unnecessary Privileges CWE-250 CVE Reference: CVE-2023-27010. Credit: Thurein Soe Vendor Description: Wondershare Dr...
Dr. Fone 4.0.8 Unquoted Service Path
Exploit Title: Dr. Fone v4.0.8- 'netupdater32.exe' Unquoted Service Path Discovery Date: 2022-05-07 Discovery by: Esant1490 Vendor Homepage: https://drfone.wondershare.net Software Link : https://download.wondershare.net/drfonefull4008.exe Tested Version: 4.0.8 Tested on OS: Windows 10 Pro x64 en...
Dr. Fone 4.0.8 - (net_updater32.exe) Unquoted Service Path Vulnerability
Exploit Title: Dr. Fone v4.0.8- 'netupdater32.exe' Unquoted Service Path Discovery by: Esant1490 Vendor Homepage: https://drfone.wondershare.net Software Link : https://download.wondershare.net/drfonefull4008.exe Tested Version: 4.0.8 Tested on OS: Windows 10 Pro x64 en Vulnerability Type: Unquot...
CVE-2021-44596
Wondershare LTD Dr. Fone as of 2021-12-06 version is affected by Remote code execution. Due to software design flaws an unauthenticated user can communicate over UDP with the "InstallAssistService.exe" servicethe service is running under SYSTEM privileges and manipulate it to execute malicious...
CVE-2021-44596
Wondershare LTD Dr. Fone as of 2021-12-06 version is affected by Remote code execution. Due to software design flaws an unauthenticated user can communicate over UDP with the "InstallAssistService.exe" servicethe service is running under SYSTEM privileges and manipulate it to execute malicious...
CVE-2021-44595
Wondershare Dr. Fone Latest version as of 2021-12-06 is vulnerable to Incorrect Access Control. A normal user can send manually crafted packets to the ElevationService.exe and execute arbitrary code without any validation with SYSTEM privileges...
Remote code execution
Wondershare LTD Dr. Fone as of 2021-12-06 version is affected by Remote code execution. Due to software design flaws an unauthenticated user can communicate over UDP with the "InstallAssistService.exe" servicethe service is running under SYSTEM privileges and manipulate it to execute malicious...
CVE-2021-44596
CVE-2021-44596 affects Wondershare Dr. Fone (as of 2021-12-06) with a flaw in the InstallAssistService.exe that runs under SYSTEM privileges. An unauthenticated attacker can send UDP traffic to this service and manipulate it to execute a malicious executable remotely, yielding SYSTEM-level code e...
CVE-2021-44596
Wondershare LTD Dr. Fone as of 2021-12-06 version is affected by Remote code execution. Due to software design flaws an unauthenticated user can communicate over UDP with the "InstallAssistService.exe" servicethe service is running under SYSTEM privileges and manipulate it to execute malicious...
CVE-2021-44595
Wondershare Dr. Fone Latest version as of 2021-12-06 is vulnerable to Incorrect Access Control. A normal user can send manually crafted packets to the ElevationService.exe and execute arbitrary code without any validation with SYSTEM privileges...
CVE-2021-44595
CVE-2021-44595 affects Wondershare Dr. Fone (latest as of 2021-12-06): Incorrect Access Control allows a normal user to send crafted packets to ElevationService.exe and execute arbitrary code with SYSTEM privileges. Documented as a privilege-escalation vulnerability; several public references des...
PT-2022-12182 · Wondershare · Dr. Fone
Name of the Vulnerable Software and Affected Versions: Wondershare LTD Dr. Fone as of 2021-12-06 version Description: The issue is related to remote code execution due to software design flaws. An unauthenticated user can communicate over UDP with the "InstallAssistService.exe" service, which run...