RSS   Vulnerabilities for 'Es file explorer file manager'   RSS

2019-09-05
 
CVE-2019-11380

CWE-284
 

 
The master-password feature in the ES File Explorer File Manager application 4.2.0.1.3 for Android can be bypassed via a com.estrongs.android.pop.ftp.ESFtpShortcut intent, leading to remote FTP access to the entirety of local storage.

 
2019-02-15
 
CVE-2019-8345

CWE-601
 

 
The Help feature in the ES File Explorer File Manager application 4.1.9.7.4 for Android allows session hijacking by a Man-in-the-middle attacker on the local network because HTTPS is not used, and an attacker's web site is displayed in a WebView with no information about the URL.

 
2019-01-16
 
CVE-2019-6447

CWE-20
 

 
The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP.

 

 >>> Vendor: Estrongs 2 Products
Es file explorer
Es file explorer file manager


Copyright 2024, cxsecurity.com

 

Back to Top