GCVE - cpe:2.3:a:wondershare:dr.fone:12.4.9:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:wondershare:dr.fone:12.4.9:*:*:*:*:*:*:*

part: a version: 12.4.9 update: *

Vendor	Wondershare (`5ffbe3b0-a798-5b2c-91f9-3ef4e68ae984`)
Product	Dr.Fone (`82eef9c4-341f-55c3-a1e5-1981f0f2f357`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-27767`	vulnerable	2026-06-03 14:51:02.675440	Details available An issue found in Wondershare Technology Co.,Ltd Dr.Fone v.12.4.9 allows a remote attacker to execute arbitrary commands via the drfone_setup_full3360.exe file. Published: 2023-04-04T00:00:00.000Z Updated: 2025-02-13T21:09:46.203Z Open on db.gcve.eu Reference links https://github.com/liong007/Wondershare/issues/6	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-50901`	vulnerable	2026-06-03 14:48:45.063178	Wondershare Dr.Fone 11.4.9 - 'DFWSIDService' Unquoted Service Path HIGH (8.4) Wondershare Dr.Fone 11.4.9 contains an unquoted service path vulnerability in the DFWSIDService that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone\ to inject malicious executables that would run with LocalSystem privileges. Published: 2026-01-13T22:51:46.262Z Updated: 2026-03-05T01:29:25.472Z Open on db.gcve.eu Reference links https://www.exploit-db.com/exploits/50755 https://www.wondershare.com/ https://www.vulncheck.com/advisories/wondershare-drfone-dfwsidservice-unquoted-service-path	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-50900`	vulnerable	2026-06-03 14:48:45.061671	Wondershare Dr.Fone 12.0.18 - 'Wondershare InstallAssist' Unquoted Service Path HIGH (8.4) Wondershare Dr.Fone 12.0.18 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path to insert malicious code that will be executed with LocalSystem permissions during service startup. Published: 2026-01-13T22:51:45.854Z Updated: 2026-03-05T01:29:24.715Z Open on db.gcve.eu Reference links https://www.exploit-db.com/exploits/50813 https://www.wondershare.com/ https://www.vulncheck.com/advisories/wondershare-drfone-wondershare-installassist-unquoted-service-path	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.