CVE-2022-50900

HIGH

Wondershare Dr.Fone 12.0.18 - Code Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-50900. PoCs published by Mohamed Alzhrani.

AI-analyzed exploit summary This writeup describes an unquoted service path vulnerability in Wondershare Dr.Fone 12.0.18, where the service path lacks quotes, potentially allowing local privilege escalation if an attacker places a malicious executable in a higher-priority directory. The exploit details how the service could execute arbitrary code with elevated privileges.

Description

Wondershare Dr.Fone 12.0.18 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path to insert malicious code that will be executed with LocalSystem permissions during service startup.

Exploits (1)

exploitdb WRITEUP
by Mohamed Alzhrani · textlocalwindows
https://www.exploit-db.com/exploits/50813

This writeup describes an unquoted service path vulnerability in Wondershare Dr.Fone 12.0.18, where the service path lacks quotes, potentially allowing local privilege escalation if an attacker places a malicious executable in a higher-priority directory. The exploit details how the service could execute arbitrary code with elevated privileges.

Classification
Writeup 90%
Attack Type
Lpe
Complexity
Trivial
Reliability
Theoretical
Target: Wondershare Dr.Fone 12.0.18
Auth required
Prerequisites: Local access to the system · Ability to write to a directory in the service path
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v3 8.4
EPSS 0.0020
EPSS Percentile 10.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-428
Status published
Products (1)
wondershare/dr.fone 12.0.18
Published Jan 13, 2026
Tracked Since Feb 18, 2026