EIP-2026-118149

PRE-CVE

Wondershare Application Framework Service - _WsAppService_ Unquote Service Path

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118149. PoCs published by chuyreds.

AI-analyzed exploit summary This is a technical writeup detailing an unquoted service path vulnerability in Wondershare Application Framework Service (WsAppService). The vulnerability allows for potential local privilege escalation due to improper handling of service paths containing spaces.

Description

Wondershare Application Framework Service - _WsAppService_ Unquote Service Path

Exploits (1)

exploitdb WRITEUP

by chuyreds · textlocalwindows

https://www.exploit-db.com/exploits/47647

View Code ZIP pw:eip

This is a technical writeup detailing an unquoted service path vulnerability in Wondershare Application Framework Service (WsAppService). The vulnerability allows for potential local privilege escalation due to improper handling of service paths containing spaces.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Wondershare Application Framework Service 2.4.3.231

Auth required

Prerequisites: Local access to the system · Ability to write to a directory in the unquoted service path

MITRE ATT&CK

T1574.009 - Path Interception by Unquoted Path

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026