### [CVE-2014-7952](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7952)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The backup mechanism in the adb tool in Android might allow attackers to inject additional applications (APKs) and execute arbitrary code by leveraging failure to filter application data streams.

### POC

#### Reference
- http://packetstormsecurity.com/files/132645/ADB-Backup-APK-Injection.html
- http://seclists.org/fulldisclosure/2015/Jul/46
- http://www.search-lab.hu/about-us/news/110-android-adb-backup-apk-injection-vulnerability
- https://github.com/irsl/ADB-Backup-APK-Injection/

#### Github
- https://github.com/irsl/ADB-Backup-APK-Injection