EIP-2026-117073

PRE-CVE

Dr. Fone 4.0.8 - 'net_updater32.exe' Unquoted Service Path

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117073. PoCs published by Esant1490.

AI-analyzed exploit summary This is a writeup detailing an unquoted service path vulnerability in Dr. Fone v4.0.8. The vulnerability allows for potential privilege escalation by exploiting the service path to execute arbitrary code with elevated privileges during system startup or reboot.

Description

Dr. Fone 4.0.8 - 'net_updater32.exe' Unquoted Service Path

Exploits (1)

exploitdb WRITEUP

by Esant1490 · textlocalwindows

https://www.exploit-db.com/exploits/50977

View Code ZIP pw:eip

This is a writeup detailing an unquoted service path vulnerability in Dr. Fone v4.0.8. The vulnerability allows for potential privilege escalation by exploiting the service path to execute arbitrary code with elevated privileges during system startup or reboot.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Theoretical

Target: Dr. Fone v4.0.8

Auth required

Prerequisites: Local access to the system · Ability to write to the vulnerable service path

MITRE ATT&CK

T1574.009 - Path Interception by Unquoted Path

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026