MobileTrans 4.0.11 - Weak Service Privilege Escalation

Exploit Title :MobileTrans 4.0.11 - Weak Service Privilege Escalation Date: 20 May 2023 Exploit Author: Thurein Soe Vendor Homepage: https://mobiletrans.wondershare.com/ Software Link: https://mega.nz/file/0Et0ybRSl69LRlvwrwmqDfPGKlHaJ5LmbeKJuwH0xYKD8nSVg Version: MobileTrans version 4.0.11 Teste...

Filmora 12 Build 1.0.0.7 Unquoted Service Path

Vendor Name: Filmora Product Name: Filmora 12 version Build 1.0.0.7 Vendor Home Page: https://filmora.wondershare.com/ Affected Versions: Filmora 12 version Build 12.2.1.2088 Vulnerability Type: Unquoted Service Path Vulnerability CWE-428 CVE Reference: CVE-2023-31747 Security Researcher: Thurein...

Filmora 12 Build 1.0.0.7 Unquoted Service Path Vulnerability

Vendor Name: Filmora Product Name: Filmora 12 version Build 1.0.0.7 Vendor Home Page: https://filmora.wondershare.com/ Affected Versions: Filmora 12 version Build 12.2.1.2088 Vulnerability Type: Unquoted Service Path Vulnerability CWE-428 CVE Reference: CVE-2023-31747 Security Researcher: Thurein...

MobileTrans 4.0.11 Weak Service Permissions Vulnerability

Vendor Name: MobileTrans Product Name: MobileTrans Vendor Home Page: https://mobiletrans.wondershare.com/ Affected Versions: MobileTrans version 4.0.11 Vulnerability Type: Weak Service Permissions CWE-276 CVE Reference: CVE-2023-31748 Security Researcher: Thurein Soe Vulnerability description:...

Wondershare Dr Fone 12.9.6 - Privilege Escalation Vulnerability

Exploit Title: Wondershare Dr Fone 12.9.6 - Privilege Escalation Exploit Author: Thurein Soe Vendor Homepage: https://drfone.wondershare.com Software Link: https://mega.nz/file/ZFd1TZIRe2WfCXryaH08C3VNGZH1yAIG6DU01p-MrDooq529I Version: Dr Fone version 12.9.6 Tested on: Window 10 10.0.19045.2604 C...

CVE-2023-27759

An issue found in Wondershare Technology Co, Ltd Edrawmind v.10.0.6 allows a remote attacker to executea arbitrary commands via the WindowsCodescs.dll file...

CVE-2023-27768

An issue found in Wondershare Technology Co.,Ltd PDFelement v9.1.1 allows a remote attacker to execute arbitrary commands via the pdfelement-prosetupfull5239.exe file...

CVE-2023-27769

An issue found in Wondershare Technology Co.,Ltd PDF Reader v.1.0.1 allows a remote attacker to execute arbitrary commands via the pdfreadersetupfull13143.exe file...

CVE-2023-27770

An issue found in Wondershare Technology Co.,Ltd Edraw-max v.12.0.4 allows a remote attacker to execute arbitrary commands via the edraw-maxsetupfull5371.exe file...

CVE-2023-27771

An issue found in Wondershare Technology Co.,Ltd Creative Centerr v.1.0.8 allows a remote attacker to execute arbitrary commands via the wondershareCCsetupfull10819.exe file...

Design/Logic Flaw

An issue found in Wondershare Technology Co., Ltd UniConverter v.14.0.0 allows a remote attacker to execute arbitrary commands via the uniconverter1464bitsetupfull14204.exe file...

CVE-2023-27770

Affected product: Wondershare Edraw-max 12.0.4. Description indicates an issue where the edraw-max_setup_full5371.exe file can be exploited to execute arbitrary commands, implying a remote command execution risk. Root cause and exact exploit vector are not detailed in the provided documents; no p...

CVE-2023-27760

CVE-2023-27760 affects Wondershare Filmora 12.0.9. The issue enables a local attacker to execute arbitrary commands via the filmora_setup_full846.exe installer/executable. The vulnerability is described as a command execution pathway in the installer, with impact described as high confidentiality...

CVE-2023-27771

CVE-2023-27771 affects Wondershare Technology Co., Ltd. Creative Center v1.0.8. The vulnerability allows a remote attacker to execute arbitrary commands via the wondershareCC_setup_full10819.exe installer file. Public details describe the issue without detailing an official fixed version; some so...

CVE-2023-27768

CVE-2023-27768 affects Wondershare PDFelement v9.1.1 and is delivered via the pdfelement-pro_setup_full5239.exe file. The issue allows an attacker to execute arbitrary commands, per sources, with a vulnerable component/file and underlying cause not detailed beyond command execution via the execut...

CVE-2023-27761

Wondershare UniConverter 14.0.0 contains a vulnerability where the installer uniconverter14_64bit_setup_full14204.exe can be abused to execute arbitrary commands by a remote attacker. The issue is described as remote command execution via the setup file, with no explicit remediation details provi...

CVE-2023-27762

Wondershare DemoCreator 6.0.0 is affected by CVE-2023-27762, where the democreator_setup_full7743.exe executable enables a local attacker with no privileges to cause arbitrary command execution (requires user interaction). The issue is tied to a specific setup-related binary, with high impact on ...

CVE-2023-27763

Summary: CVE-2023-27763 affects Wondershare MobileTrans v4.0.2. The vulnerability lies in the launcher/file mobiletrans_setup_full5793.exe, which can be abused by a local attacker to execute arbitrary commands. The available documents confirm the vulnerable component and the ability to run remote...

CVE-2023-27759

CVE-2023-27759 affects Wondershare Edrawmind v10.0.6. A remote attacker can execute arbitrary commands via the WindowsCodescs.dll file, due to the issue described in the cited records. The root cause and technical details are not expanded beyond this description in the connected documents. No rem...

CVE-2023-27764

CVE-2023-27764 affects Wondershare Repairit 3.5.4. A local-access vulnerability in the repairit_setup_full5913.exe file enables a remote attacker to execute arbitrary commands (CVSSv3.1: AV L/AC L/PR N/UI R/S U/C H/I H/A H). Impact is high, with potential confidentiality, integrity, and availabil...