Primary

Context

Wondershare Repairit SAS Token Permission Assignment Authentication Bypass Vulnerability

Vulnerability

An authentication bypass vulnerability has been identified in Wondershare Repairit, allowing remote attackers to exploit the application without requiring authentication. The issue arises from incorrect permission assignments on SAS tokens, which can be leveraged to execute arbitrary code on the endpoints of affected customers, potentially leading to a supply-chain attack.

Impact

Exploitation of this vulnerability allows for authentication bypass, with the potential to execute arbitrary code on affected endpoints.

Remediation

Due to the nature of this vulnerability, the primary recommendation is to limit interactions with the product.

Added: Sep 17, 2025, 9:23 PM

Updated: Sep 17, 2025, 9:23 PM

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

10.0

exploitability

4.7

remediation

7.9

relevance

0.5

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

10.0

exploitability

4.7

remediation

7.9

relevance

0.5

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Wondershare Repairit SAS Token Permission Assignment Authentication Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Wondershare Repairit

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating