{"id":8375,"date":"2019-01-25T00:03:00","date_gmt":"2019-01-24T23:03:00","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=8375"},"modified":"2019-01-22T23:55:59","modified_gmt":"2019-01-22T22:55:59","slug":"android-es-file-explorer-vulnerable","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2019\/01\/25\/android-es-file-explorer-vulnerable\/","title":{"rendered":"Android: ES File Explorer vulnerable"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" src=\"http:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2012\/07\/android.jpg\" width=\"58\" height=\"58\" align=\"left\" \/>Android file manager ES File Explorer has a vulnerability that puts the data of 100 million users at risk: a hidden web server always runs in the background.<\/p>\n<p><!--more--><\/p>\n<p>ES File Explorer is a popular Android app with more than 100 million downloads. But the app has a vulnerability: once it has been opened, a hidden web server keeps running in the background. Anyone connected to the same local network can remotely retrieve a file from your phone. That's what Elliot Alderson found and reported in this tweet.<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"de\">\n<p dir=\"ltr\" lang=\"en\">With more than 100,000,000 downloads ES File Explorer is one of the most famous <a href=\"https:\/\/twitter.com\/hashtag\/Android?src=hash&amp;ref_src=twsrc%5Etfw\">#Android<\/a> file manager.<br \/>\nThe surprise is: if you opened the app at least once, anyone connected to the same local network can remotely get a file from your phone <a href=\"https:\/\/t.co\/Uv2ttQpUcN\">https:\/\/t.co\/Uv2ttQpUcN<\/a><\/p>\n<p>\u2014 Elliot Alderson (@fs0c131y) <a href=\"https:\/\/twitter.com\/fs0c131y\/status\/1085460755313508352?ref_src=twsrc%5Etfw\">16 January 2019<\/a><\/p><\/blockquote>\n<p>Even worse: files are accessible even if the user has not granted the app any permissions on the Android device. So the vulnerability, now tracked as <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2019-6447\" target=\"_blank\" rel=\"noopener\">CVE-2019-6447<\/a>, is easy to exploit. But this isn't the only vulnerability &#8211; Elliot Alderson found more vulnerabilities within the ES File Explorer app. Developer ES Global has stayed silent on whether and when the flaws will be fixed.<\/p>\n<p>A few more details may be found in <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/es-file-explorer-flaws-put-100-million-users-data-at-risk-fix-promised\/\" target=\"_blank\" rel=\"noopener\">this article<\/a> from Bleeping Computer. For my part, I used ES File Explorer long ago (during the times of Android 1.6 and 2.x up to 4.x). But one day I discovered that after updating the app, there was a request for many permissions (contacts, WiFi and more resources). So I decided to dump this app from my Android devices.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Android file manager ES File Explorer has a vulnerability that puts the data of 100 million users at risk: a hidden web server always runs in the background.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,580],"tags":[60,69],"class_list":["post-8375","post","type-post","status-publish","format-standard","hentry","category-android","category-security","tag-android","tag-security"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/8375","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=8375"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/8375\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=8375"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=8375"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=8375"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}