Vulnerabilities > CVE-2019-11380 - Unspecified vulnerability in Estrongs ES File Explorer File Manager 4.2.0.1.3

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
estrongs

Summary

The master-password feature in the ES File Explorer File Manager application 4.2.0.1.3 for Android can be bypassed via a com.estrongs.android.pop.ftp.ESFtpShortcut intent, leading to remote FTP access to the entirety of local storage.

Vulnerable Configurations

Part Description Count
Application
Estrongs
1