ES File Explorer Flaws Put 100 Million Users' Data at Risk, Fix Promised

LASER_oneXM · Jan 18, 2019

A hidden web server always running in the background was found by security researcher Robert Baptiste in ES File Explorer, an Android file manager with over 100,000,000 installs displayed on the Google Play store page and over 500 million users worldwide according to its developer.

As discovered by Baptiste, right after launching the app it will start a local HTTP server on port 59777 which will stay open until all the background services of ES File Explorer are killed:

Everytime a user is launching ES File Explorer, a HTTP server is started. This server is opening locally the port 59777. An attacker connected on the same local network than the victim, can obtain a lot of juicy information (device info, app installed, ...) about the victim's phone, remotely get a file from the victim's phone and remotely launch an app on the victim's phone.

Deletedmessiah · Jan 18, 2019

I'm glad I stopped using this app millions of years ago...

cibin · Jan 18, 2019

stop using

Hollow · Jan 20, 2019

I never used it
But I will share it to my friends

CyberTech · Jan 20, 2019

Deletedmessiah said:
I'm glad I stopped using this app millions of years ago...

Same here i had Android so now An iPhone thank God..

Search

ES File Explorer Flaws Put 100 Million Users' Data at Risk, Fix Promised

LASER_oneXM

Level 37

Deletedmessiah

Level 25

cibin

Level 1

Hollow

Level 3

CyberTech

Level 44

Similar threads