Wondershare Dr Fone 12.9.6 - Privilege Escalation

Exploit Title: Wondershare Dr Fone 12.9.6 - Privilege Escalation Date: 14 March 2023 Exploit Author: Thurein Soe Vendor Homepage: https://drfone.wondershare.com Software Link: https://mega.nz/file/ZFd1TZIRe2WfCXryaH08C3VNGZH1yAIG6DU01p-MrDooq529I Version: Dr Fone version 12.9.6 Tested on: Window ...

Wondershare Dr Fone 12.9.6 Weak Permissions / Privilege Escalation

Executive Summary: Product Name: Wondershare Dr. Fone Vendor Home Page: https://drfone.wondershare.com Affected Versions: Dr Fone version 12.9.6 Vulnerability Type: Execution with Unnecessary Privileges CWE-250 CVE Reference: CVE-2023-27010. Credit: Thurein Soe Vendor Description: Wondershare Dr...

Design/Logic Flaw

Dr.Fone 3.0.0 allows local users to gain privileges via a Trojan horse DriverInstall.exe because %PROGRAMFILESX86%\Wondershare\dr.fone\Library\DriverInstaller has Full Control for BUILTIN\Users...

CVE-2020-27992

CVE-2020-27992 concerns Wondershare Dr.Fone 3.0.0. The issue is a local privilege escalation where a Trojan horse can leverage the DriverInstall.exe in the DriverInstaller folder, which is reported to have Full Control for BUILTIN\Users. Several connected sources describe related indicators: an u...

CVE-2020-27992

Dr.Fone 3.0.0 allows local users to gain privileges via a Trojan horse DriverInstall.exe because %PROGRAMFILESX86%\Wondershare\dr.fone\Library\DriverInstaller has Full Control for BUILTIN\Users...

Wondershare Dr.Fone 3.0.0 Unquoted Service Path Vulnerability

Exploit Title: Wondershare Dr.Fone DriverInstall.exe - "WsDrvInst" Unquoted Service Path Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.wondershare.com Software Link: https://drfone.wondershare.com/ Version: 3.0.0 Tested on: Microsoft Windows 7sp2 x86/x64 CVE : CVE-2020-27992 -...