Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ADB Explorer Vulnerable to Remote Code Execution via Insecure Deserialization
Vulnerability Description
ADB Explorer is a fluent UI for ADB on Windows. Prior to Beta 0.9.26020, ADB Explorer is vulnerable to Insecure Deserialization leading to Remote Code Execution. The application attempts to deserialize the App.txt settings file using Newtonsoft.Json with TypeNameHandling set to Objects. This allows an attacker to supply a crafted JSON file containing a gadget chain (e.g., ObjectDataProvider) to execute arbitrary code when the application launches and subsequently saves its settings. This vulnerability is fixed in Beta 0.9.26020.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
可信数据的反序列化
Vulnerability Title
ADB Explorer 代码问题漏洞
Vulnerability Description
ADB Explorer是Alex B个人开发者的一个ADB的用户界面。 ADB Explorer Beta 0.9.26020之前版本存在代码问题漏洞,该漏洞源于不安全反序列化,可能导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A