ADB Explorer Recursive Directory Deletion Vulnerability

A vulnerability in ADB Explorer for Windows, in versions prior to 0.9.26021, allows for unvalidated command-line arguments to trigger recursive deletion of arbitrary directories. The application accepts a path argument to customize the data directory but only verifies the existence of the path. The issue arises because the 'ClearDrag()' method deletes all subdirectories of the specified path at startup and exit. An attacker can exploit this by launching ADB Explorer with a critical directory, such as 'C:\Users\%USERNAME%\Documents', as the argument, leading to permanent deletion of its contents, bypassing the Recycle Bin.

Impact

Exploitation of this vulnerability results in the arbitrary deletion of directories and their contents on the Windows filesystem, with potential loss of important user data.

Reproduction

To reproduce this vulnerability, create a Windows shortcut or batch file that launches ADB Explorer with a path to a directory you wish to delete, such as 'C:\Users\%USERNAME%\Documents'. When ADB Explorer is started with this argument, the 'ClearDrag()' method will execute and recursively delete all subdirectories within the specified directory. This can also be done by using a crafted shortcut that points to a critical directory, causing the same recursive deletion effect.

Remediation

Users can update to ADB Explorer version 0.9.26021 or later, where this vulnerability has been fixed.