exploitDog

CVE-2022-50903

Опубликовано: 13 янв. 2026

Источник: nvd

CVSS3: 8.4

CVSS3: 7.8

EPSS Низкий

Описание

Wondershare MobileTrans 3.5.9 contains an unquoted service path vulnerability in the ElevationService that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path by placing malicious executables in specific filesystem locations that will be executed with LocalSystem permissions during service startup.

Ссылки

https://www.exploit-db.com/exploits/50756
Exploit
https://www.vulncheck.com/advisories/wondershare-mobiletrans-elevationservice-unquoted-service-path
Third Party Advisory
https://www.wondershare.com/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wondershare:mobiletrans:3.5.9:*:*:*:*:*:*:*

EPSS

Процентиль: 2%

0.00014

Низкий

8.4 High

CVSS3

7.8 High

CVSS3

Дефекты

CWE-428

Связанные уязвимости

GHSA-xm42-xfgp-mh86

CVSS3: 8.4

github

25 дней назад

Wondershare MobileTrans 3.5.9 contains an unquoted service path vulnerability in the ElevationService that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path by placing malicious executables in specific filesystem locations that will be executed with LocalSystem permissions during service startup.

EPSS

Процентиль: 2%

0.00014

Низкий

8.4 High

CVSS3

7.8 High

CVSS3

Дефекты

CWE-428