Q1 What is this vulnerability? (Essence + Consequences)
**Essence**: ES File Explorer fails to close TCP port 59777 after initial use. **Consequences**: The port remains open, allowing attackers to send HTTP JSON requests to read arbitrary files on the device.…
**CWE**: CWE-269 (Improper Privilege Management) / Access Control Error. **Flaw**: The application initializes an HTTP server on port 59777 but does not properly shut it down or restrict access after the first run.…
**Product**: ES File Explorer File Manager (Android). **Affected Versions**: Version 4.1.9.7.4 and all earlier versions. **Note**: With 500M+ users, the potential attack surface is massive.
Q4 What can hackers do? (Privileges/Data)
**Privileges**: No authentication required. **Data Access**: Attackers can perform **Arbitrary File Read**.…
**Threshold**: LOW. **Auth**: None needed. **Config**: The app just needs to have been launched at least once. If the port is open, any local or networked attacker can send a crafted HTTP request to exploit it.
Q6 Is there a public Exp? (PoC/Wild Exploitation)
**Exploit**: YES. **Public PoC**: Multiple GitHub repositories exist (e.g., fs0c131y/ESFileExplorerOpenPortVuln). **Tools**: Simple bash scripts using `curl` are available to demonstrate arbitrary file reading.…
**Check**: Scan for open TCP port **59777** on the target Android device. **Test**: Send an HTTP GET request to `http://<IP>:59777/`. If the server responds, the vulnerability is present.…
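The check above as a defender-side audit for devices you administer, combined with the affected-version comparison (an added example, not part of the original page). The function names and result labels are assumptions of this example.

```python
import socket

ES_PORT = 59777                   # port named on this page
LAST_AFFECTED = (4, 1, 9, 7, 4)   # "4.1.9.7.4 and all earlier versions"


def is_affected_version(text):
    """True when a dotted version string is at or below the last affected one."""
    version = tuple(int(part) for part in text.strip().split("."))
    width = max(len(version), len(LAST_AFFECTED))
    pad = lambda t: t + (0,) * (width - len(t))  # so 4.1.9.7 compares as 4.1.9.7.0
    return pad(version) <= pad(LAST_AFFECTED)


def probe(host, port=ES_PORT, timeout=2.0):
    """Return 'closed', 'open' (TCP accepts, no HTTP reply) or 'http'."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "closed"
    with sock:
        try:
            request = f"GET / HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n"
            sock.sendall(request.encode("ascii"))
            reply = sock.recv(16)
        except OSError:
            return "open"
    return "http" if reply.startswith(b"HTTP/") else "open"


def assess(host, installed_version=None, port=ES_PORT, timeout=2.0):
    """Label one managed device (labels are this example's own)."""
    state = probe(host, port, timeout)
    if state == "http":
        return "exposed"            # the page's test: the server responds
    if state == "open":
        return "investigate"        # something listens, but it is not HTTP
    if installed_version and is_affected_version(installed_version):
        return "affected-version"   # port closed now, but the app opens it once launched
    return "ok"


if __name__ == "__main__":
    # Constructed inventory: (address, installed app version or None).
    for addr, ver in [("127.0.0.1", "4.1.9.7.4"), ("127.0.0.1", "4.2.0.0")]:
        print(addr, ver, assess(addr, ver, timeout=0.5))
```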
**Priority**: HIGH. **Urgency**: Critical due to the sheer number of affected users (500M+) and the ease of exploitation (no auth). **Action**: Patch or remove immediately to prevent data leakage.