← volver
CVE-2019-6447

CVE-2019-6447

EPSS 62.0%
The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP.
Productos afectados
n/a · n/a
PoCs públicas encontradas14
githubgithub.com/fs0c131y/ESFileExplorerOpenPortVuln679githubgithub.com/Chethine/EsFileExplorer-CVE-2019-64473githubgithub.com/h3x0v3rl0rd/CVE-2019-64470githubgithub.com/julio-cfa/POC-ES-File-Explorer-CVE-2019-64470githubgithub.com/febinrev/CVE-2019-6447-ESfile-explorer-exploit0githubgithub.com/Kayky-cmd/CVE-2019-6447--.0githubgithub.com/VinuKalana/CVE-2019-6447-Android-Vulnerability-in-ES-File-Explorer0githubgithub.com/Osuni-99/CVE-2019-64470githubgithub.com/vino-theva/CVE-2019-64470githubgithub.com/Cmadhushanka/CVE-2019-6447-Exploitation0githubgithub.com/KaviDk/CVE-2019-6447-in-Mobile-Application0githubgithub.com/SandaRuFdo/ES-File-Explorer-Open-Port-Vulnerability---CVE-2019-64470exploitdbwww.exploit-db.com/exploits/50070no verificadocve_referencepacketstormsecurity.com/files/163303/ES-File-Explorer-4.1.9.7.4-Arbitrary-File-Read.htmlno verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://packetstormsecurity.com/files/163303/ES-File-Explorer-4.1.9.7.4-Arbitrary-File-Read.htmlhttps://github.com/fs0c131y/ESFileExplorerOpenPortVulnhttps://twitter.com/fs0c131y/status/1085460755313508352