Description
ADB Explorer is a fluent UI for ADB on Windows. In versions prior to Beta 0.9.26022, ADB-Explorer allows the `ManualAdbPath` settings variable, which determines the path of the ADB binary to be executed, to be set to a Universal Naming Convention (UNC) path in the application's settings file. This allows an attacker to set the binary's path to point to a remote network resource, hosted on an attacker-controlled network share, thus granting the attacker full control over the binary being executed by the app. An attacker may leverage this vulnerability to execute code remotely on a victim's machine with the privileges of the user running the app. Exploitation is made possible by convincing a victim to run a shortcut of the app that points to a custom `App.txt` settings file, which sets `ManualAdbPath` (for example, when downloaded in an archive file). Version Beta 0.9.26022 fixes the issue.
Published: 2026-02-25
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

In versions of ADB-Explorer released before Beta 0.9.26022, the system allows the ManualAdbPath setting to be defined as a UNC path in the application’s settings file. If an attacker supplies a custom configuration file that points the binary path to a remote network share, the application will download and run the remote binary. The attacker can thus execute arbitrary code on the victim’s machine with the privileges of the user running ADB‑Explorer. The vulnerability is a type of uncontrolled input flaw that permits arbitrary code execution on the local system.

Affected Systems

The affected product is Alex4SSB ADB‑Explorer, a Windows‑based fluent UI for ADB. All installations of the product older than Beta 0.9.26022 are susceptible. The vulnerability is present only in Windows builds of the application and requires a user to launch the app using a malicious settings file.

Risk and Exploitability

The CVSS v3.1 score of 8.8 indicates a high‑severity flaw. The EPSS probability is reported as less than 1%, suggesting that exploitation may not be widespread at present, yet the availability of a fix and the high impact make it a priority. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires the victim to open a shortcut that references a user‑supplied settings file, a scenario that typically involves social engineering. Once the shortcut is executed, the remote binary is run under the user's account, enabling full control of the victim system.

Generated by OpenCVE AI on April 16, 2026 at 16:16 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade ADB-Explorer to version Beta 0.9.26022 or later, which removes the ability to set ManualAdbPath to a UNC path.
  • If an upgrade is not immediately possible, locate and delete any custom App.txt files that reference network shares, and configure the application to use only local paths for the ADB binary.
  • Disallow the use of shortcuts that point to externally supplied configuration files; verify the integrity of the settings file before opening the application.

Generated by OpenCVE AI on April 16, 2026 at 16:16 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 27 Feb 2026 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Alex4ssb adb Explorer
CPEs cpe:2.3:a:alex4ssb:adb_explorer:*:*:*:*:*:windows:*:*
Vendors & Products Alex4ssb adb Explorer
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

Fri, 27 Feb 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 25 Feb 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Alex4ssb
Alex4ssb adb-explorer
Vendors & Products Alex4ssb
Alex4ssb adb-explorer

Wed, 25 Feb 2026 03:15:00 +0000

Type Values Removed Values Added
Description ADB Explorer is a fluent UI for ADB on Windows. In versions prior to Beta 0.9.26022, ADB-Explorer allows the `ManualAdbPath` settings variable, which determines the path of the ADB binary to be executed, to be set to a Universal Naming Convention (UNC) path in the application's settings file. This allows an attacker to set the binary's path to point to a remote network resource, hosted on an attacker-controlled network share, thus granting the attacker full control over the binary being executed by the app. An attacker may leverage this vulnerability to execute code remotely on a victim's machine with the privileges of the user running the app. Exploitation is made possible by convincing a victim to run a shortcut of the app that points to a custom `App.txt` settings file, which sets `ManualAdbPath` (for example, when downloaded in an archive file). Version Beta 0.9.26022 fixes the issue.
Title ADB-Explorer: UNC Path Support in ManualAdbPath Leads to Remote Code Execution (RCE)
Weaknesses CWE-40
CWE-829
References
Metrics cvssV4_0

{'score': 8.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H'}

Subscriptions

Alex4ssb Adb-explorer Adb Explorer
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-02-27T17:09:58.886Z

Reserved: 2026-02-20T19:43:14.603Z

Link: CVE-2026-27615

cve-icon Vulnrichment

Updated: 2026-02-27T17:09:44.818Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-25T03:16:05.990

Modified: 2026-02-27T19:04:28.260

Link: CVE-2026-27615

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T16:30:15Z

Weaknesses