CVE-2021-40724

HIGH

Acrobat Reader for Android <21.8.0 - Path Traversal

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-40724. PoCs published by tinopreter.

AI-analyzed exploit summary This repository contains a working exploit for CVE-2021-40724, targeting a local file inclusion (LFI) vulnerability in the MobileHackingLab DocumentViewer app. The exploit leverages dynamic code loading to execute arbitrary commands by writing a malicious library file into the vulnerable app's directory.

Description

Acrobat Reader for Android versions 21.8.0 (and earlier) are affected by a Path traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Exploits (1)

nomisec WORKING POC
by tinopreter · poc
https://github.com/tinopreter/DocViewerExploitApp

This repository contains a working exploit for CVE-2021-40724, targeting a local file inclusion (LFI) vulnerability in the MobileHackingLab DocumentViewer app. The exploit leverages dynamic code loading to execute arbitrary commands by writing a malicious library file into the vulnerable app's directory.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: MobileHackingLab DocumentViewer (emulating Adobe Acrobat Reader Android app vulnerability)
No auth needed
Prerequisites: Network access to the target device · Ability to host a malicious library file on a web server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

CVSS v3 7.8
EPSS 0.0332
EPSS Percentile 87.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-22
Status published
Products (1)
adobe/acrobat_reader < 21.8.0
Published Oct 15, 2021
Tracked Since Feb 18, 2026