CVE-2019-25266

Wondershare Application Framework Service 2.4.3.231 - 'WsAppService' Unquote Service Path

CVSS 8.5 HIGHEPSS 0.1%CWE-428

Wondershare Application Framework Service 2.4.3.231 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific directory locations to hijack the service's execution context.

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

Wondershare · Wondershare Application Framework Service

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.exploit-db.com/exploits/47617 https://www.vulncheck.com/advisories/wondershare-application-framework-service-wsappservice-unquote-service-path https://www.wondershare.com/https://www.wondershare.com/drfone/