CVE-2020-7384

HIGH

Metasploit < 4.19.0 - Command Injection via Malicious APK File

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 4 public exploits for CVE-2020-7384. PoCs published by Justin Steven, nikhil1232, CarsonShaffer, including Metasploit module exploits/unix/fileformat/metasploit_msfvenom_apk_template_cmd_injection.

AI-analyzed exploit summary This exploit leverages a command injection vulnerability in Metasploit's msfvenom APK template generation by embedding a malicious payload in the -dname parameter of a signing key. The payload is executed when the APK is processed by msfvenom.

Description

Rapid7's Metasploit msfvenom framework handles APK files in a way that allows for a malicious user to craft and publish a file that would execute arbitrary commands on a victim's machine.

Exploits (4)

exploitdb WORKING POC
by Justin Steven · pythonlocalmultiple
https://www.exploit-db.com/exploits/49491

This exploit leverages a command injection vulnerability in Metasploit's msfvenom APK template generation by embedding a malicious payload in the -dname parameter of a signing key. The payload is executed when the APK is processed by msfvenom.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Metasploit Framework 6.0.11 and Metasploit Pro 4.18.0
No auth needed
Prerequisites: keytool · jarsigner · msfvenom · zip
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 10 stars
by nikhil1232 · poc
https://github.com/nikhil1232/CVE-2020-7384

This repository contains a functional exploit for CVE-2020-7384, which leverages a command injection vulnerability in the APK signing process. The script generates a malicious APK file with a crafted keystore -dname field that executes a reverse shell payload when processed by vulnerable software.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Metasploit msfvenom APK template command injection vulnerability
No auth needed
Prerequisites: Access to a vulnerable system that processes APK files · Ability to deliver the malicious APK to the target
devstral-2 · analyzed Feb 18, 2026 Full analysis →
nomisec WORKING POC
by CarsonShaffer · poc
https://github.com/CarsonShaffer/CVE-2020-7384

This repository contains a functional exploit script for CVE-2020-7384, which leverages a command injection vulnerability in the APK signing process. The script generates a malicious APK file with a crafted distinguished name (dname) that executes a reverse shell payload when processed by a vulnerable system.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: APK signing tools (e.g., jarsigner, keytool)
No auth needed
Prerequisites: default-jdk installed · vulnerable APK signing tool
devstral-2 · analyzed Feb 18, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
by Justin Steven · rubypocunix
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/fileformat/metasploit_msfvenom_apk_template_cmd_injection.rb

This exploit leverages a command injection vulnerability in Metasploit Framework's msfvenom when processing a crafted APK template. The payload is embedded in the X.509 certificate's Common Name (CN) field, which is executed when the victim uses msfvenom to generate an APK payload.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Metasploit Framework <= 6.0.11, Metasploit Pro <= 4.18.0
No auth needed
Prerequisites: Victim must use msfvenom with the crafted APK template
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Patch, Third Party Advisory x_refsource_misc
https://github.com/rapid7/metasploit-framework/pull/14288

Scores

CVSS v3 7.0
EPSS 0.7009
EPSS Percentile 98.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-77
Status published
Products (1)
rapid7/metasploit < 4.19.0
Published Oct 29, 2020
Tracked Since Feb 18, 2026