CVE-2026-0073

The repository contains a functional exploit for CVE-2026-0073, which bypasses TLS authentication in Android's adbd by leveraging a type mismatch in EVP_PKEY_cmp(). The exploit establishes a TLS connection with an EC P-256 client certificate, bypassing RSA key checks, and opens a shell session.

This repository contains a functional exploit for CVE-2026-0073, which bypasses TLS authentication in Android Debug Bridge (ADB) to achieve remote code execution. The exploit leverages a cryptographic flaw in OpenSSL's EVP_PKEY_cmp function when handling non-RSA keys, allowing unauthenticated access to an interactive shell on vulnerable Android devices.

The repository contains a C++ tool that checks if the Android Wireless ADB port (5555) is open, indicating potential vulnerability to CVE-2026-0073. It does not exploit the vulnerability but confirms if the target is likely vulnerable.

This repository contains a functional exploit for CVE-2026-0073, which bypasses Android ADB daemon TLS authentication via a type confusion bug in `EVP_PKEY_cmp()`. The exploit leverages a mismatch between RSA and non-RSA keys to gain unauthorized shell access.

This repository contains a functional exploit for CVE-2026-0073, a critical cryptographic logic failure in Android's adbd that allows unauthenticated attackers to bypass TLS authentication and gain root access via Wireless ADB. The exploit leverages a type mismatch in EVP_PKEY_cmp() to trick the device into accepting an EC key as a valid RSA key.

This repository contains a functional Python PoC for CVE-2026-0073, which exploits a logic error in ADB daemon certificate verification. The script generates a non-RSA certificate to bypass authentication and execute commands on vulnerable Android devices with wireless ADB enabled.

This repository contains a functional exploit for CVE-2026-0073, a critical 0-click RCE vulnerability in Android's ADB (Android Debug Bridge) due to improper TLS certificate verification. The exploit bypasses authentication by leveraging a flawed certificate validation mechanism in the `adbd_tls_verify_cert` function, allowing an attacker to execute arbitrary commands on vulnerable Android devices (versions 13-16) with Wireless Debugging enabled.

This repository contains a functional C exploit for CVE-2026-0073, which bypasses TLS authentication in Android's adbd service by exploiting a flaw in the EVP_PKEY_cmp function. The exploit establishes a TLS 1.3 connection with a crafted ephemeral EC certificate and executes arbitrary commands on the target device.

This repository contains a functional exploit for CVE-2026-0073, which bypasses ADB wireless mutual authentication to achieve zero-click ADB shell access. The exploit leverages TLS authentication flaws to execute arbitrary commands on vulnerable Android devices.

The repository contains a Python-based scanner for CVE-2026-0073, which targets a logic error in Android's ADB TLS certificate verification. It checks for exposed endpoints but does not include exploit code for achieving RCE.

This repository contains a functional exploit for CVE-2026-0073, which bypasses TLS authentication in Android ADB to achieve remote code execution. The exploit includes an interactive shell and mDNS-based auto-discovery for targeting vulnerable Android devices.

This repository contains a functional Python exploit for CVE-2026-0073, an authentication bypass vulnerability in Android's ADB Wireless Debugging. The exploit leverages a type confusion in TLS certificate verification to bypass authentication and gain remote shell access.

This repository contains a functional exploit PoC and network scanner for CVE-2026-0073, a critical zero-click RCE vulnerability in Android's ADB-over-TCP authentication. The exploit leverages a logic bug in `adbd_tls_verify_cert()` where `EVP_PKEY_cmp()` incorrectly treats a type mismatch (-1) as a successful authentication, bypassing TLS certificate validation.

This repository contains a functional Python PoC for CVE-2026-0073, which exploits a logic error in ADB daemon certificate verification (`adbd_tls_verify_cert` in `auth.cpp`). The vulnerability allows authentication bypass by presenting a non-RSA certificate (EC or Ed25519), which triggers a non-zero return value from `EVP_PKEY_cmp`, incorrectly granting access.

The repository claims to exploit CVE-2026-0073 in Android's Wireless ADB but lacks actual exploit code, instead redirecting users to an external download link. The README is vague and lacks technical details about the vulnerability.