PT-2026-2379 · Wondershare · Wondershare Mobiletrans+1
Luis Martinez
·
Publicado
2026-01-13
·
Atualizado
2026-01-28
·
CVE-2022-50903
CVSS v3.1
8.4
Alta
| Vetor | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Wondershare MobileTrans version 3.5.9
Description
The software contains an unquoted service path vulnerability within the ElevationService. This allows local users to potentially execute code with elevated system privileges. Exploitation involves placing malicious executables in specific filesystem locations, which are then executed with LocalSystem permissions during service startup.
Recommendations
Apply appropriate quoting to the service path to prevent the execution of unauthorized code.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Wondershare Mobiletrans
Mobiletrans