CVE-2020-7384
Rapid7’s Metasploit msfvenom framework handles APK files in a way that allows for a malicious user to craft and publish a file that would execute arbitrary commands on a victim’s machine.
Date published : 2020-10-29
http://packetstormsecurity.com/files/161200/Metasploit-Framework-6.0.11-Command-Injection.html