Open port vulnerability in ES file explorer
With more than 100,000,000 downloads ES File Explorer is one of the most famous #Android file
The exploit works by a port that is opened up on the device when ES File Explorer is opened. In essence, every time you launch the application, a web server is opened. Robert wrote a proof of concept Python script that can connect to a mobile device running the app, connect to it, and list files of a certain type. It can then download any of those files directly from your phone. It’s a pretty serious vulnerability as it can allow anyone on the same network to download a file straight from your phone. It can even launch an app on your device too.
Proof of concept Open port vulnerability
Man in the middle attack in ES file explorer
Proof of concept Man in the middle attack
Note: These vulnerabilities have been found in 184.108.40.206.4 and below versions. As well as these vulnerabilities don’t found in