Android file manager ES File Explorer leaked data from phones

Jan 17, 2019

Android file manager ES File Explorer ran a web server in the background that exposed users to attacks from the LAN. A researcher showed that he could read files and open apps remotely.

In a series of tweets, security researcher Baptiste Robert shows how the vulnerability works. Every time the app starts, it sets up an HTTP server that listens on port 59777 and performs no authentication. The editors of TechCrunch have also verified the vulnerability. According to the researcher, the open port is present in version 4.1.9.5.2 and below. That was the latest version of the app until about January 11.

According to the creators of the app, more than 500 million users worldwide have the app on their phone. The Google Play Store reports 100 million or more installations. ES App Group did not respond to requests for comment from TechCrunch. Robert suspects that the vulnerability, which now also has a CVE number, was deliberately placed in the app as a backdoor.

In a reaction to Robert's tweets, Lukas Stefanko, malware researcher at ESET, reports that he can also use MITM attacks against the application, although he does not give much background information about it.
