Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-6447

EPSS 71.26% · P99
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2019-6447

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
ES File Explorer File Manager application for Android 访问控制错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
ES File Explorer File Manager application for Android(ES文件浏览器或文件管理器)是一款基于Android系统的多功能手机文件、程序和进程管理器,它支持在手机、电脑、远程和蓝牙间浏览管理文件。 基于Android平台的ES File Explorer File Manager application 4.1.9.7.4及之前版本中存在安全漏洞,该漏洞源于ES应用程序在运行一次之后,TCP 59777端口并未关闭依旧可以通过HTTP协议接收JSON数据。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2019-6447

#POC DescriptionSource LinkShenlong Link
1ES File Explorer Open Port Vulnerability - CVE-2019-6447https://github.com/fs0c131y/ESFileExplorerOpenPortVulnPOC Details
2ES File Explorer Open Port Vulnerability - CVE-2019-6447https://github.com/SandaRuFdo/ES-File-Explorer-Open-Port-Vulnerability---CVE-2019-6447POC Details
3My exploit for ES Explorer Android App open port vulnerability.https://github.com/Nehal-Zaman/CVE-2019-6447POC Details
4Nonehttps://github.com/crypticdante/CVE-2019-6447POC Details
5Very basic bash script to exploit the CVE-2019-6447.https://github.com/julio-cfa/POC-ES-File-Explorer-CVE-2019-6447POC Details
6ES File Explorer v4.1.9.7.4 Open port vulnerability exploit. CVE-2019-6447 https://github.com/febinrev/CVE-2019-6447-ESfile-explorer-exploitPOC Details
7Nonehttps://github.com/Kayky-cmd/CVE-2019-6447--.POC Details
8This repository is developed to understand CVE-2019-6447https://github.com/VinuKalana/CVE-2019-6447-Android-Vulnerability-in-ES-File-ExplorerPOC Details
9The above investigation of the ES file browser security weakness allows us to see the issue in its entiretyhttps://github.com/Osuni-99/CVE-2019-6447POC Details
10Exploiting Android Vulnerability in ES File Explorerhttps://github.com/Chethine/EsFileExplorer-CVE-2019-6447POC Details
11This paper is about manual exploitation of android open port vulnerability found in ES file manager. This open TCP 59777 port allows the attacker to install a backdoor and gather all the user’s data. Further in this paper there will be a proof of concept presented to consolidate the vulnerability. Download the PDF and enjoy !!! Cheers !!!https://github.com/vino-theva/CVE-2019-6447POC Details
12Nonehttps://github.com/KaviDk/CVE-2019-6447-in-Mobile-ApplicationPOC Details
13Nonehttps://github.com/H3xL00m/CVE-2019-6447POC Details
14Nonehttps://github.com/n3ov4n1sh/CVE-2019-6447POC Details
15Nonehttps://github.com/c0d3cr4f73r/CVE-2019-6447POC Details
16Nonehttps://github.com/Sp3c73rSh4d0w/CVE-2019-6447POC Details
17year 2 semester 1 Systems and Network Programming Assignmenthttps://github.com/Cmadhushanka/CVE-2019-6447-ExploitationPOC Details
18Nonehttps://github.com/0xwh1pl4sh/CVE-2019-6447POC Details
19Nonehttps://github.com/N3rdyN3xus/CVE-2019-6447POC Details
20Nonehttps://github.com/NyxByt3/CVE-2019-6447POC Details
21Nonehttps://github.com/h3xcr4ck3r/CVE-2019-6447POC Details
22Nonehttps://github.com/n3rdh4x0r/CVE-2019-6447POC Details
23Nonehttps://github.com/h3x0v3rl0rd/CVE-2019-6447POC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2019-6447

登录查看更多情报信息。

Same Patch Batch · n/a · 2019-01-16 · 35 CVEs total

CVE-2019-6457GNU Recutils 资源管理错误漏洞
CVE-2015-9279MailEnable 跨站脚本漏洞
CVE-2015-9280MailEnable 代码问题漏洞
CVE-2018-20723Cacti 跨站脚本漏洞
CVE-2018-20724Cacti 跨站脚本漏洞
CVE-2018-20725Cacti 跨站脚本漏洞
CVE-2018-20726Cacti 跨站脚本漏洞
CVE-2019-6455GNU Recutils 安全漏洞
CVE-2019-6456GNU Recutils 安全漏洞
CVE-2015-9278MailEnable 信任管理漏洞
CVE-2019-6458GNU Recutils 资源管理错误漏洞
CVE-2019-6459GNU Recutils 资源管理错误漏洞
CVE-2019-6460GNU Recutils 安全漏洞
CVE-2019-6461Cairo 输入验证错误漏洞
CVE-2019-6462Cairo 安全漏洞
CVE-2019-2413Oracle Fusion Middleware Reports Developer 跨站脚本漏洞
CVE-2018-5736ISC BIND 安全漏洞
CVE-2019-6446NumPy 代码问题漏洞
CVE-2019-6439wolfSSL benchmark工具缓冲区错误漏洞
CVE-2016-10737Serendipity 跨站脚本漏洞

Showing top 20 of 35 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2019-6447

No comments yet

Leave a comment