Security researcher Elliot Alderson has found a major vulnerability in ES File Explorer, the popular Android file explorer app. It was reported that the vulnerability can expose files and information on the Android device to anyone on the same network once the app has been launched a single time. After the app launches, ES leaves port 59777 open on the Android device, which attackers can then exploit to access the phone by injecting a JSON payload.
According to Craig Young, a computer security researcher for Tripwire’s VERT (Vulnerability and Exposure Research Team), the ES File Explorer ‘Open Port’ vulnerability is far more serious than originally reported.
“The truth is that attackers do not actually need to be on the same network as the victim phone thanks to DNS rebinding,” said Young. “With this attack model, a website loaded on the phone or by any user on the same network can directly interact with the vulnerable HTTP server. This enables a remote attacker to harvest files and system information from vulnerable devices. An attack could be launched through hacked web pages, malicious advertising, or even a tweeted video.”
To address this issue, ES has released an updated version on the Google Play store. If you use this application, upgrade immediately.
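
To check a device you own for the listener described above, the following added example (not from the original article or the researchers) parses `netstat -tln`-style output and reports any listener on port 59777 bound to a non-loopback address. The sample output is constructed, and the function names are hypothetical.

```python
import ipaddress

ES_PORT = 59777  # port the article says ES File Explorer leaves open

# Constructed sample in `netstat -tln` column layout (not from a real device).
SAMPLE_NETSTAT = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:5037          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:59777           0.0.0.0:*               LISTEN
tcp6       0      0 :::59777                :::*                    LISTEN
tcp        0      0 192.168.1.23:41822      192.168.1.1:443         ESTABLISHED
"""


def split_endpoint(endpoint):
    """Split 'addr:port' on the last colon so IPv6 forms like ':::59777' work."""
    addr, _, port = endpoint.rpartition(":")
    return addr.strip("[]"), port


def exposed_listeners(netstat_text, port=ES_PORT):
    """Return (proto, address) for each TCP listener on `port` that is
    reachable from other hosts, i.e. not bound to loopback only."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # Data rows have six columns; the header row does not start with "tcp".
        if len(fields) < 6 or not fields[0].startswith("tcp"):
            continue
        if fields[5] != "LISTEN":
            continue
        addr, found_port = split_endpoint(fields[3])
        if not found_port.isdigit() or int(found_port) != port:
            continue
        try:
            loopback = ipaddress.ip_address(addr).is_loopback
        except ValueError:
            loopback = False  # unparseable address: report it rather than hide it
        if not loopback:
            findings.append((fields[0], addr))
    return findings


if __name__ == "__main__":
    for proto, addr in exposed_listeners(SAMPLE_NETSTAT):
        print(f"{proto} listener on {addr}:{ES_PORT} is reachable from the network")
```

An empty result means no network-reachable listener on that port appears in the output supplied.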