ADB Explorer Insecure Deserialization Vulnerability Leading to Remote Code Execution
Vulnerability
A remote code execution vulnerability exists in ADB Explorer versions prior to Beta 0.9.26020, due to insecure deserialization of the App.txt settings file. The application uses Newtonsoft.Json to deserialize the file with TypeNameHandling set to Objects, allowing an attacker to craft a JSON file that executes arbitrary code when the application is launched and saves its settings. This vulnerability has been addressed in Beta 0.9.26020.
Impact
Exploitation of this vulnerability allows for arbitrary code execution on the user's machine, with the same privileges as the user running ADB Explorer.
Reproduction
To reproduce this vulnerability, create a directory named 'MaliciousConfig' and place a file named 'App.txt' inside it. This file should contain a payload designed to exploit the deserialization vulnerability, such as a JSON object referencing a Windows process. Then, launch ADB Explorer from a command line, specifying the path to the 'MaliciousConfig' directory. When the application is closed, the payload will be executed, demonstrating the vulnerability.
Remediation
Users should update to ADB Explorer Beta 0.9.26020 or later, where this vulnerability has been fixed.
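For developers using the same Newtonsoft.Json pattern in their own settings loaders, the added example below (not ADB Explorer's code, and the page does not describe how Beta 0.9.26020 implements its fix) shows two hardened alternatives to a bare TypeNameHandling.Objects setting. The AppSettings, Theme, DarkTheme and AllowlistBinder names and the sample JSON are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using Newtonsoft.Json;
using Newtonsoft.Json.Serialization;

// Hypothetical settings model for illustration; not ADB Explorer's types.
public class Theme { public string Name { get; set; } }
public class DarkTheme : Theme { }
public class AppSettings { public Theme Theme { get; set; } public object Extra { get; set; } }

// Resolves "$type" only for allowlisted names; any other name is rejected.
public sealed class AllowlistBinder : ISerializationBinder
{
    private static readonly Dictionary<string, Type> Allowed = new Dictionary<string, Type>
    {
        ["Theme"] = typeof(Theme),
        ["DarkTheme"] = typeof(DarkTheme),
    };
    public Type BindToType(string assemblyName, string typeName) =>
        Allowed.TryGetValue(typeName, out var type)
            ? type
            : throw new JsonSerializationException($"Type '{typeName}' is not allowed in settings.");

    public void BindToName(Type serializedType, out string assemblyName, out string typeName)
    {
        assemblyName = null;
        typeName = serializedType.Name;
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed input: "Extra" names a placeholder type outside the allowlist.
        const string json = "{\"Theme\":{\"$type\":\"DarkTheme\",\"Name\":\"dark\"}," +
                            "\"Extra\":{\"$type\":\"Example.Unexpected, Example\"}}";
        // Option 1: TypeNameHandling.None. "$type" is never resolved to a .NET type.
        var none = new JsonSerializerSettings { TypeNameHandling = TypeNameHandling.None };
        var settings = JsonConvert.DeserializeObject<AppSettings>(json, none);
        Console.WriteLine($"None: Theme is {settings.Theme.GetType().Name}");

        // Option 2: keep TypeNameHandling.Objects, but bind through the allowlist.
        var strict = new JsonSerializerSettings
            { TypeNameHandling = TypeNameHandling.Objects, SerializationBinder = new AllowlistBinder() };
        try { JsonConvert.DeserializeObject<AppSettings>(json, strict); }
        catch (JsonSerializationException e) { Console.WriteLine("Rejected: " + e.Message); }
    }
}
```

Option 1 is the safer default for a settings file that needs no polymorphism; Option 2 applies only when type names must round-trip, and the allowlist should contain nothing beyond the application's own data classes.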
