CVE-2016-6754

HIGH

Google Android < 6.0.1 - Injection

Title source: rule

Description

A remote code execution vulnerability in WebView in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-05 could enable a remote attacker to execute arbitrary code when the user is navigating to a website. This issue is rated as High due to the possibility of remote code execution in an unprivileged process. Android ID: A-31217937.

Exploits (3)

exploitdb WORKING POC
by Guang Gong · html · remote · android
https://www.exploit-db.com/exploits/40846
nomisec STUB 152 stars
by secmob · poc
https://github.com/secmob/BadKernel
gitlab STUB
by The-Real-TechLord · poc
https://gitlab.com/The-Real-TechLord/BadKernel

Scores

CVSS v3 8.8
EPSS 0.2845
EPSS Percentile 96.5%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-74
Status published
Products (10)
google/android 5.0
google/android 5.0.1
google/android 5.1
google/android 5.1.0
google/android 6.0
google/android < 6.0.1
Google Inc./Android Android-5.0.2
Google Inc./Android Android-5.1.1
Google Inc./Android Android-6.0
Google Inc./Android Android-6.0.1
Published Nov 25, 2016
Tracked Since Feb 18, 2026