Critical Vulnerability in ES File Explorer
A highly critical vulnerability in ES file explorer is reported by a french researcher. According to Elliot Alderson, ES File Explorer has vulnerability which would allow a hacker to access sensitive information on your device.
ES File Explorer has over 100 million installs on the Google Play Store. It is one of the most popular file explorer app. Its popularity is mainly because it is a very simple and effective file manager app.
According to the researcher ES File Explorer app includes a small hidden web server on port number 59777. Any hacker on the same network as the device he can use that port to inject a JSON payload to the web server to gain access to the device.
Once the hacker gains access through the open port, he could take almost any file from the Android device — including photos, videos, text files, etc. He can also transfer it to any other server they also had access to or could remotely launch apps on the exploited device.
