Vendor CVEs
Wondershare
All CVEs
35 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-44596 | Cri | 0.69 | 9.8 | 0.23 | Apr 29, 2022 | Wondershare LTD Dr. Fone as of 2021-12-06 version is affected by Remote code execution. Due to software design flaws an unauthenticated user can communicate over UDP with the "InstallAssistService.exe" service(the service is running under SYSTEM privileges) and manipulate it to… | ||
| CVE-2021-44595 | Hig | 0.62 | 8.8 | 0.21 | Apr 29, 2022 | Wondershare Dr. Fone Latest version as of 2021-12-06 is vulnerable to Incorrect Access Control. A normal user can send manually crafted packets to the ElevationService.exe and execute arbitrary code without any validation with SYSTEM privileges. | ||
| CVE-2022-50904 | Hig | 0.55 | 8.4 | 0.00 | Jan 13, 2026 | Wondershare UBackit 2.0.5 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the wsbackup service to inject malicious executables that would run… | ||
| CVE-2022-50902 | Hig | 0.55 | 8.4 | 0.00 | Jan 13, 2026 | Wondershare FamiSafe 1.0 contains an unquoted service path vulnerability in the FSService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Wondershare\FamiSafe\ to inject malicious… | ||
| CVE-2022-50690 | Hig | 0.55 | 8.4 | 0.00 | Dec 22, 2025 | Wondershare MirrorGo 2.0.11.346 contains a local privilege escalation vulnerability due to incorrect file permissions on executable files. Unprivileged local users can replace the ElevationService.exe with a malicious file to execute arbitrary code with LocalSystem privileges. | ||
| CVE-2023-31747 | Hig | 0.54 | 7.8 | 0.01 | May 23, 2023 | Wondershare Filmora 12 (Build 12.2.1.2088) was discovered to contain an unquoted service path vulnerability via the component NativePushService. This vulnerability allows attackers to launch processes with elevated privileges. | ||
| CVE-2023-27010 | Hig | 0.54 | 7.8 | 0.01 | Mar 13, 2023 | Wondershare Dr.Fone v12.9.6 was discovered to contain weak permissions for the service WsDrvInst. This vulnerability allows attackers to escalate privileges via modifying or overwriting the executable. | ||
| CVE-2020-36977 | Hig | 0.51 | 7.8 | 0.00 | Jan 27, 2026 | Wondershare Driver Install Service contains an unquoted service path vulnerability in the ElevationService executable that allows local attackers to potentially inject malicious code. Attackers can exploit the unquoted path to replace the service binary with a malicious… | ||
| CVE-2020-23438 | Hig | 0.51 | 7.8 | 0.00 | Mar 4, 2025 | Wondershare filmora 9.2.11 is affected by Trojan Dll hijacking leading to privilege escalation. | ||
| CVE-2025-0834 | Hig | 0.51 | 7.8 | 0.00 | Jan 30, 2025 | Privilege escalation vulnerability has been found in Wondershare Dr.Fone version 13.5.21. This vulnerability could allow an attacker to escalate privileges by replacing the binary ‘C:\ProgramData\Wondershare\wsServices\ElevationService.exe’ with a malicious binary. This… | ||
| CVE-2024-26574 | Hig | 0.51 | 7.8 | 0.00 | Apr 8, 2024 | Insecure Permissions vulnerability in Wondershare Filmora v.13.0.51 allows a local attacker to execute arbitrary code via a crafted script to the WSNativePushService.exe | ||
| CVE-2023-29835 | Hig | 0.51 | 7.8 | 0.00 | Apr 26, 2023 | Insecure Permission vulnerability found in Wondershare Dr.Fone v.12.9.6 allows a remote attacker to escalate privileges via the service permission function. | ||
| CVE-2023-27771 | Hig | 0.51 | 7.8 | 0.00 | Apr 4, 2023 | An issue found in Wondershare Technology Co.,Ltd Creative Centerr v.1.0.8 allows a remote attacker to execute arbitrary commands via the wondershareCC_setup_full10819.exe file. | ||
| CVE-2023-27770 | Hig | 0.51 | 7.8 | 0.00 | Apr 4, 2023 | An issue found in Wondershare Technology Co.,Ltd Edraw-max v.12.0.4 allows a remote attacker to execute arbitrary commands via the edraw-max_setup_full5371.exe file. | ||
| CVE-2023-27769 | Hig | 0.51 | 7.8 | 0.00 | Apr 4, 2023 | An issue found in Wondershare Technology Co.,Ltd PDF Reader v.1.0.1 allows a remote attacker to execute arbitrary commands via the pdfreader_setup_full13143.exe file. | ||
| CVE-2023-27768 | Hig | 0.51 | 7.8 | 0.00 | Apr 4, 2023 | An issue found in Wondershare Technology Co.,Ltd PDFelement v9.1.1 allows a remote attacker to execute arbitrary commands via the pdfelement-pro_setup_full5239.exe file. | ||
| CVE-2023-27767 | Hig | 0.51 | 7.8 | 0.00 | Apr 4, 2023 | An issue found in Wondershare Technology Co.,Ltd Dr.Fone v.12.4.9 allows a remote attacker to execute arbitrary commands via the drfone_setup_full3360.exe file. | ||
| CVE-2023-27766 | Hig | 0.51 | 7.8 | 0.00 | Apr 4, 2023 | An issue found in Wondershare Technology Co.,Ltd Anireel 1.5.4 allows a remote attacker to execute arbitrary commands via the anireel_setup_full9589.exe file. | ||
| CVE-2023-27765 | Hig | 0.51 | 7.8 | 0.00 | Apr 4, 2023 | An issue found in Wondershare Technology Co.,Ltd Recoverit v.10.6.3 allows a remote attacker to execute arbitrary commands via the recoverit_setup_full4134.exe file. | ||
| CVE-2023-27764 | Hig | 0.51 | 7.8 | 0.00 | Apr 4, 2023 | An issue found in Wondershare Technology Co.,Ltd Repairit v.3.5.4 allows a remote attacker to execute arbitrary commands via the repairit_setup_full5913.exe file. | ||
| CVE-2023-27763 | Hig | 0.51 | 7.8 | 0.00 | Apr 4, 2023 | An issue found in Wondershare Technology Co.,Ltd MobileTrans v.4.0.2 allows a remote attacker to execute arbitrary commands via the mobiletrans_setup_full5793.exe file. | ||
| CVE-2023-27762 | Hig | 0.51 | 7.8 | 0.00 | Apr 4, 2023 | An issue found in Wondershare Technology Co., Ltd DemoCreator v.6.0.0 allows a remote attacker to execute arbitrary commands via the democreator_setup_full7743.exe file. | ||
| CVE-2023-27761 | Hig | 0.51 | 7.8 | 0.00 | Apr 4, 2023 | An issue found in Wondershare Technology Co., Ltd UniConverter v.14.0.0 allows a remote attacker to execute arbitrary commands via the uniconverter14_64bit_setup_full14204.exe file. | ||
| CVE-2023-27760 | Hig | 0.51 | 7.8 | 0.00 | Apr 4, 2023 | An issue found in Wondershare Technology Co, Ltd Filmora v.12.0.9 allows a remote attacker to execute arbitrary commands via the filmora_setup_full846.exe. | ||
| CVE-2023-27759 | Hig | 0.51 | 7.8 | 0.00 | Apr 4, 2023 | An issue found in Wondershare Technology Co, Ltd Edrawmind v.10.0.6 allows a remote attacker to executea arbitrary commands via the WindowsCodescs.dll file. | ||
| CVE-2020-27992 | Hig | 0.51 | 7.8 | 0.00 | Nov 2, 2020 | Dr.Fone 3.0.0 allows local users to gain privileges via a Trojan horse DriverInstall.exe because %PROGRAMFILES(X86)%\Wondershare\dr.fone\Library\DriverInstaller has Full Control for BUILTIN\Users. | ||
| CVE-2025-5180 | Hig | 0.46 | 7.0 | 0.00 | May 26, 2025 | A vulnerability, which was classified as critical, has been found in Wondershare Filmora 14.5.16. Affected by this issue is some unknown functionality in the library CRYPTBASE.dll of the file NFWCHK.exe of the component Installer. The manipulation leads to uncontrolled search… | ||
| CVE-2024-48294 | Med | 0.36 | 5.5 | 0.00 | Nov 18, 2024 | A NULL pointer dereference in the component libPdfCore.dll of Wondershare PDF Reader v1.0.9.2544 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. | ||
| CVE-2020-37254 | 0.00 | — | 0.00 | Jun 19, 2026 | Wondershare PDFelement 5.2.9 contains a privilege escalation vulnerability due to an unquoted service path in the WsAppService Windows service. Local attackers can place a malicious executable in the service path and execute code with LocalSystem privileges upon service restart… | |||
| CVE-2019-25344 | 0.00 | — | 0.00 | Feb 12, 2026 | Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executable files in the application directory. Attackers can replace the original MobileGo.exe with a malicious executable to create a new user account and add it to… | |||
| CVE-2022-50903 | 0.00 | — | 0.00 | Jan 13, 2026 | Wondershare MobileTrans 3.5.9 contains an unquoted service path vulnerability in the ElevationService that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path by placing malicious executables in specific… | |||
| CVE-2022-50901 | 0.00 | — | 0.00 | Jan 13, 2026 | Wondershare Dr.Fone 11.4.9 contains an unquoted service path vulnerability in the DFWSIDService that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone\ to inject malicious… | |||
| CVE-2022-50900 | 0.00 | — | 0.00 | Jan 13, 2026 | Wondershare Dr.Fone 12.0.18 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path to insert malicious code that will be executed with LocalSystem… | |||
| CVE-2025-10644 | 0.00 | — | 0.04 | Sep 17, 2025 | Wondershare Repairit SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on Wondershare Repairit. Authentication is not required to exploit this vulnerability. The specific flaw… | |||
| CVE-2025-10643 | 0.00 | — | 0.03 | Sep 17, 2025 | Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Wondershare Repairit. Authentication is not required to exploit this vulnerability. The… |
- risk 0.69cvss 9.8epss 0.23
Wondershare LTD Dr. Fone as of 2021-12-06 version is affected by Remote code execution. Due to software design flaws an unauthenticated user can communicate over UDP with the "InstallAssistService.exe" service(the service is running under SYSTEM privileges) and manipulate it to…
- risk 0.62cvss 8.8epss 0.21
Wondershare Dr. Fone Latest version as of 2021-12-06 is vulnerable to Incorrect Access Control. A normal user can send manually crafted packets to the ElevationService.exe and execute arbitrary code without any validation with SYSTEM privileges.
- risk 0.55cvss 8.4epss 0.00
Wondershare UBackit 2.0.5 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the wsbackup service to inject malicious executables that would run…
- risk 0.55cvss 8.4epss 0.00
Wondershare FamiSafe 1.0 contains an unquoted service path vulnerability in the FSService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Wondershare\FamiSafe\ to inject malicious…
- risk 0.55cvss 8.4epss 0.00
Wondershare MirrorGo 2.0.11.346 contains a local privilege escalation vulnerability due to incorrect file permissions on executable files. Unprivileged local users can replace the ElevationService.exe with a malicious file to execute arbitrary code with LocalSystem privileges.
- risk 0.54cvss 7.8epss 0.01
Wondershare Filmora 12 (Build 12.2.1.2088) was discovered to contain an unquoted service path vulnerability via the component NativePushService. This vulnerability allows attackers to launch processes with elevated privileges.
- risk 0.54cvss 7.8epss 0.01
Wondershare Dr.Fone v12.9.6 was discovered to contain weak permissions for the service WsDrvInst. This vulnerability allows attackers to escalate privileges via modifying or overwriting the executable.
- risk 0.51cvss 7.8epss 0.00
Wondershare Driver Install Service contains an unquoted service path vulnerability in the ElevationService executable that allows local attackers to potentially inject malicious code. Attackers can exploit the unquoted path to replace the service binary with a malicious…
- risk 0.51cvss 7.8epss 0.00
Wondershare filmora 9.2.11 is affected by Trojan Dll hijacking leading to privilege escalation.
- risk 0.51cvss 7.8epss 0.00
Privilege escalation vulnerability has been found in Wondershare Dr.Fone version 13.5.21. This vulnerability could allow an attacker to escalate privileges by replacing the binary ‘C:\ProgramData\Wondershare\wsServices\ElevationService.exe’ with a malicious binary. This…
- risk 0.51cvss 7.8epss 0.00
Insecure Permissions vulnerability in Wondershare Filmora v.13.0.51 allows a local attacker to execute arbitrary code via a crafted script to the WSNativePushService.exe
- risk 0.51cvss 7.8epss 0.00
Insecure Permission vulnerability found in Wondershare Dr.Fone v.12.9.6 allows a remote attacker to escalate privileges via the service permission function.
- risk 0.51cvss 7.8epss 0.00
An issue found in Wondershare Technology Co.,Ltd Creative Centerr v.1.0.8 allows a remote attacker to execute arbitrary commands via the wondershareCC_setup_full10819.exe file.
- risk 0.51cvss 7.8epss 0.00
An issue found in Wondershare Technology Co.,Ltd Edraw-max v.12.0.4 allows a remote attacker to execute arbitrary commands via the edraw-max_setup_full5371.exe file.
- risk 0.51cvss 7.8epss 0.00
An issue found in Wondershare Technology Co.,Ltd PDF Reader v.1.0.1 allows a remote attacker to execute arbitrary commands via the pdfreader_setup_full13143.exe file.
- risk 0.51cvss 7.8epss 0.00
An issue found in Wondershare Technology Co.,Ltd PDFelement v9.1.1 allows a remote attacker to execute arbitrary commands via the pdfelement-pro_setup_full5239.exe file.
- risk 0.51cvss 7.8epss 0.00
An issue found in Wondershare Technology Co.,Ltd Dr.Fone v.12.4.9 allows a remote attacker to execute arbitrary commands via the drfone_setup_full3360.exe file.
- risk 0.51cvss 7.8epss 0.00
An issue found in Wondershare Technology Co.,Ltd Anireel 1.5.4 allows a remote attacker to execute arbitrary commands via the anireel_setup_full9589.exe file.
- risk 0.51cvss 7.8epss 0.00
An issue found in Wondershare Technology Co.,Ltd Recoverit v.10.6.3 allows a remote attacker to execute arbitrary commands via the recoverit_setup_full4134.exe file.
- risk 0.51cvss 7.8epss 0.00
An issue found in Wondershare Technology Co.,Ltd Repairit v.3.5.4 allows a remote attacker to execute arbitrary commands via the repairit_setup_full5913.exe file.
- risk 0.51cvss 7.8epss 0.00
An issue found in Wondershare Technology Co.,Ltd MobileTrans v.4.0.2 allows a remote attacker to execute arbitrary commands via the mobiletrans_setup_full5793.exe file.
- risk 0.51cvss 7.8epss 0.00
An issue found in Wondershare Technology Co., Ltd DemoCreator v.6.0.0 allows a remote attacker to execute arbitrary commands via the democreator_setup_full7743.exe file.
- risk 0.51cvss 7.8epss 0.00
An issue found in Wondershare Technology Co., Ltd UniConverter v.14.0.0 allows a remote attacker to execute arbitrary commands via the uniconverter14_64bit_setup_full14204.exe file.
- risk 0.51cvss 7.8epss 0.00
An issue found in Wondershare Technology Co, Ltd Filmora v.12.0.9 allows a remote attacker to execute arbitrary commands via the filmora_setup_full846.exe.
- risk 0.51cvss 7.8epss 0.00
An issue found in Wondershare Technology Co, Ltd Edrawmind v.10.0.6 allows a remote attacker to executea arbitrary commands via the WindowsCodescs.dll file.
- risk 0.51cvss 7.8epss 0.00
Dr.Fone 3.0.0 allows local users to gain privileges via a Trojan horse DriverInstall.exe because %PROGRAMFILES(X86)%\Wondershare\dr.fone\Library\DriverInstaller has Full Control for BUILTIN\Users.
- risk 0.46cvss 7.0epss 0.00
A vulnerability, which was classified as critical, has been found in Wondershare Filmora 14.5.16. Affected by this issue is some unknown functionality in the library CRYPTBASE.dll of the file NFWCHK.exe of the component Installer. The manipulation leads to uncontrolled search…
- risk 0.36cvss 5.5epss 0.00
A NULL pointer dereference in the component libPdfCore.dll of Wondershare PDF Reader v1.0.9.2544 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
- CVE-2020-37254Jun 19, 2026risk 0.00cvss —epss 0.00
Wondershare PDFelement 5.2.9 contains a privilege escalation vulnerability due to an unquoted service path in the WsAppService Windows service. Local attackers can place a malicious executable in the service path and execute code with LocalSystem privileges upon service restart…
- CVE-2019-25344Feb 12, 2026risk 0.00cvss —epss 0.00
Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executable files in the application directory. Attackers can replace the original MobileGo.exe with a malicious executable to create a new user account and add it to…
- CVE-2022-50903Jan 13, 2026risk 0.00cvss —epss 0.00
Wondershare MobileTrans 3.5.9 contains an unquoted service path vulnerability in the ElevationService that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path by placing malicious executables in specific…
- CVE-2022-50901Jan 13, 2026risk 0.00cvss —epss 0.00
Wondershare Dr.Fone 11.4.9 contains an unquoted service path vulnerability in the DFWSIDService that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone\ to inject malicious…
- CVE-2022-50900Jan 13, 2026risk 0.00cvss —epss 0.00
Wondershare Dr.Fone 12.0.18 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path to insert malicious code that will be executed with LocalSystem…
- CVE-2025-10644Sep 17, 2025risk 0.00cvss —epss 0.04
Wondershare Repairit SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on Wondershare Repairit. Authentication is not required to exploit this vulnerability. The specific flaw…
- CVE-2025-10643Sep 17, 2025risk 0.00cvss —epss 0.03
Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Wondershare Repairit. Authentication is not required to exploit this vulnerability. The…