← voltar
CVE-2019-6447

CVE-2019-6447

EPSS 62.0%
The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP.
Produtos afetados
n/a · n/a
PoCs públicas encontradas14
githubgithub.com/fs0c131y/ESFileExplorerOpenPortVuln679githubgithub.com/Chethine/EsFileExplorer-CVE-2019-64473githubgithub.com/h3x0v3rl0rd/CVE-2019-64470githubgithub.com/julio-cfa/POC-ES-File-Explorer-CVE-2019-64470githubgithub.com/febinrev/CVE-2019-6447-ESfile-explorer-exploit0githubgithub.com/Kayky-cmd/CVE-2019-6447--.0githubgithub.com/VinuKalana/CVE-2019-6447-Android-Vulnerability-in-ES-File-Explorer0githubgithub.com/Osuni-99/CVE-2019-64470githubgithub.com/vino-theva/CVE-2019-64470githubgithub.com/Cmadhushanka/CVE-2019-6447-Exploitation0githubgithub.com/KaviDk/CVE-2019-6447-in-Mobile-Application0githubgithub.com/SandaRuFdo/ES-File-Explorer-Open-Port-Vulnerability---CVE-2019-64470exploitdbwww.exploit-db.com/exploits/50070não verificadocve_referencepacketstormsecurity.com/files/163303/ES-File-Explorer-4.1.9.7.4-Arbitrary-File-Read.htmlnão verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://packetstormsecurity.com/files/163303/ES-File-Explorer-4.1.9.7.4-Arbitrary-File-Read.htmlhttps://github.com/fs0c131y/ESFileExplorerOpenPortVulnhttps://twitter.com/fs0c131y/status/1085460755313508352