Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-6447 | 1 Estrongs | 1 Es File Explorer File Manager | 2023-02-01 | 4.8 MEDIUM | 8.1 HIGH |
The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP. | |||||
CVE-2019-8345 | 1 Estrongs | 1 Es File Explorer File Manager | 2021-07-21 | 4.3 MEDIUM | 4.2 MEDIUM |
The Help feature in the ES File Explorer File Manager application 4.1.9.7.4 for Android allows session hijacking by a Man-in-the-middle attacker on the local network because HTTPS is not used, and an attacker's web site is displayed in a WebView with no information about the URL. | |||||
CVE-2019-11380 | 1 Estrongs | 1 Es File Explorer File Manager | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
The master-password feature in the ES File Explorer File Manager application 4.2.0.1.3 for Android can be bypassed via a com.estrongs.android.pop.ftp.ESFtpShortcut intent, leading to remote FTP access to the entirety of local storage. |