EIP-2026-100064

PRE-CVE

eVestigator Forensic PenTester - Man In The Middle Remote Code Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100064. PoCs published by intern0t.

AI-analyzed exploit summary This exploit demonstrates a Remote Code Execution (RCE) vulnerability in eVestigator Forensic PenTester v1 via MITM attacks. The vulnerability arises from the use of addJavascriptInterface() in an older Android API, allowing arbitrary Java code execution through crafted JavaScript.

Description

eVestigator Forensic PenTester - Man In The Middle Remote Code Execution

Exploits (1)

exploitdb WORKING POC VERIFIED

by intern0t · textremoteandroid

https://www.exploit-db.com/exploits/42287

View Code ZIP pw:eip

This exploit demonstrates a Remote Code Execution (RCE) vulnerability in eVestigator Forensic PenTester v1 via MITM attacks. The vulnerability arises from the use of addJavascriptInterface() in an older Android API, allowing arbitrary Java code execution through crafted JavaScript.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: eVestigator Forensic PenTester v1

No auth needed

Prerequisites: MITM position to intercept/modify traffic to api.ipify.org · Victim running eVestigator Forensic PenTester v1 on vulnerable Android API level

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026