Zurück zur CVE-Übersicht
CVE-2021-44595
HIGH(8.8)CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Risk Signal Score28/100 — MITTEL
- CVSS 8.8 — Hoch
EPSS-Score
21%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
8.8
Technische Schwere
Beschreibung
Wondershare Dr. Fone Latest version as of 2021-12-06 is vulnerable to Incorrect Access Control. A normal user can send manually crafted packets to the ElevationService.exe and execute arbitrary code without any validation with SYSTEM privileges.
Referenzen
- http://packetstormsecurity.com/files/167036/Wondershare-Dr.Fone-12.0.7-Privilege...
- https://medium.com/@tomerp_77017/wondershell-a82372914f26
- http://dr.com
- http://packetstormsecurity.com/files/167036/Wondershare-Dr.Fone-12.0.7-Privilege...
- http://wondershare.com
- https://medium.com/%40tomerp_77017/wondershell-a82372914f26