According to AndroidPolice, security researcher Elliot Alderson (@fs0c131y on Twitter) has pointed out that ES File Explorer, one of Android’s most famous file managers, not only makes mobile storage more confusing and error-prone but also leaves user files more vulnerable to theft.
In the early days of Android, ES File Explorer was one of the most famous Android file managers. It lets users browse the file system of an Android phone or tablet to reach files, data, documents, and so on, and it has been downloaded more than 100 million times.
However, Elliot Alderson said that every time the user opens ES File Explorer, an HTTP server is started. This server opens port 59777 locally, which means that anyone connected to the same local network can remotely retrieve files from the phone.
An attacker can use this port to inject a JSON payload, get the user’s application and file information, and then download the user’s data over the network. Based on the video shared by ES File Explorer, this may be related to the file-sharing capabilities of the application.
ES File Explorer has more than 100 million downloads, which means many devices are vulnerable. Fortunately, this type of attack only works on the local network. In general, stay off networks shared with people and devices you do not trust, so you can be sure that your data is not being read.
Elliot Alderson said the vulnerability exists in v220.127.116.11.4 and lower, which is the same version as the one in the Google Store, so the latest version of ES File Explorer is also insecure.
The developer has not yet made any announcement, but ES File Explorer is still under active development. According to AndroidPolice, an update will fix this vulnerability.
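
To check whether a device you own is exposing the listener on port 59777 described above, the following added example (not from AndroidPolice or the researcher) parses socket-table text in the Linux `/proc/net/tcp` / `/proc/net/tcp6` format and reports listening sockets on that port that are reachable from the network. The function names and the sample table are constructed for illustration, and a little-endian device (typical for Android) is assumed.

```python
import ipaddress
import struct

ES_PORT = 59777      # port named in the article
TCP_LISTEN = 0x0A    # LISTEN state code used in /proc/net/tcp

def decode_addr(hex_addr):
    """Decode a /proc/net/tcp{,6} address (little-endian 32-bit words, assumed)."""
    raw = bytes.fromhex(hex_addr)
    words = struct.unpack("<%dI" % (len(raw) // 4), raw)
    ip = ipaddress.ip_address(struct.pack(">%dI" % len(words), *words))
    mapped = getattr(ip, "ipv4_mapped", None)   # unwrap ::ffff:a.b.c.d
    return mapped if mapped is not None else ip

def find_listeners(proc_net_tcp, port=ES_PORT):
    """Return [(bind_address, reachable_from_network)] for LISTEN sockets on port."""
    findings = []
    for line in proc_net_tcp.splitlines():
        fields = line.split()
        if len(fields) < 4 or ":" not in fields[1]:
            continue                             # header or blank line
        hex_addr, hex_port = fields[1].split(":", 1)
        try:
            if int(fields[3], 16) != TCP_LISTEN or int(hex_port, 16) != port:
                continue                         # not listening, or another port
            ip = decode_addr(hex_addr)
        except (ValueError, struct.error):
            continue                             # malformed row
        # A wildcard or LAN bind address is reachable by other hosts;
        # a loopback bind is not.
        findings.append((str(ip), not ip.is_loopback))
    return findings

# Constructed sample: one unrelated loopback listener, one wildcard listener
# on 59777, and one established (non-listening) connection on 59777.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:13AD 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 11111
   1: 00000000:E981 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10123        0 22222
   2: 0A00A8C0:E981 0B00A8C0:C350 01 00000000:00000000 00:00000000 00000000 10123        0 33333
"""

if __name__ == "__main__":
    for addr, exposed in find_listeners(SAMPLE):
        print(addr, "reachable from the local network" if exposed else "loopback only")
```

Run it against the table before and after opening the app; a listener that appears on `0.0.0.0` or `::` only while the app is running matches the behaviour the researcher reported.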