VYPR

Wondershare Dr.fone

by Wondershare

CVEs (11)

  • CVE-2022-50904HigJan 13, 2026
    risk 0.55cvss 8.4epss 0.00

    Wondershare UBackit 2.0.5 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the wsbackup service to inject malicious executables that would run…

  • CVE-2022-50902HigJan 13, 2026
    risk 0.55cvss 8.4epss 0.00

    Wondershare FamiSafe 1.0 contains an unquoted service path vulnerability in the FSService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Wondershare\FamiSafe\ to inject malicious…

  • CVE-2022-50690HigDec 22, 2025
    risk 0.55cvss 8.4epss 0.00

    Wondershare MirrorGo 2.0.11.346 contains a local privilege escalation vulnerability due to incorrect file permissions on executable files. Unprivileged local users can replace the ElevationService.exe with a malicious file to execute arbitrary code with LocalSystem privileges.

  • CVE-2020-36977HigJan 27, 2026
    risk 0.51cvss 7.8epss 0.00

    Wondershare Driver Install Service contains an unquoted service path vulnerability in the ElevationService executable that allows local attackers to potentially inject malicious code. Attackers can exploit the unquoted path to replace the service binary with a malicious…

  • CVE-2020-23438HigMar 4, 2025
    risk 0.51cvss 7.8epss 0.00

    Wondershare filmora 9.2.11 is affected by Trojan Dll hijacking leading to privilege escalation.

  • CVE-2024-26574HigApr 8, 2024
    risk 0.51cvss 7.8epss 0.00

    Insecure Permissions vulnerability in Wondershare Filmora v.13.0.51 allows a local attacker to execute arbitrary code via a crafted script to the WSNativePushService.exe

  • CVE-2020-27992HigNov 2, 2020
    risk 0.51cvss 7.8epss 0.00

    Dr.Fone 3.0.0 allows local users to gain privileges via a Trojan horse DriverInstall.exe because %PROGRAMFILES(X86)%\Wondershare\dr.fone\Library\DriverInstaller has Full Control for BUILTIN\Users.

  • CVE-2019-25344Feb 12, 2026
    risk 0.00cvss epss 0.00

    Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executable files in the application directory. Attackers can replace the original MobileGo.exe with a malicious executable to create a new user account and add it to…

  • CVE-2022-50903Jan 13, 2026
    risk 0.00cvss epss 0.00

    Wondershare MobileTrans 3.5.9 contains an unquoted service path vulnerability in the ElevationService that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path by placing malicious executables in specific…

  • CVE-2022-50901Jan 13, 2026
    risk 0.00cvss epss 0.00

    Wondershare Dr.Fone 11.4.9 contains an unquoted service path vulnerability in the DFWSIDService that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone\ to inject malicious…

  • CVE-2022-50900Jan 13, 2026
    risk 0.00cvss epss 0.00

    Wondershare Dr.Fone 12.0.18 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path to insert malicious code that will be executed with LocalSystem…

VYPR — Vulnerability Intelligence