[ad_1]
One of the most popular mobile file managers, ES File Explorer, hides in its code a dangerous vulnerability. According to a French researcher specializing in security at Baptist Robert, this application can access data from other users.
Tech Crunch Reports
Read also: What are root rights and how to get them on Android: Instruction [19659004] In addition to accessing content on a mobile device, the ES File Explorer allows you to manage data on FTP, FTPS, SFTP and WebDAV servers, as well as in cloud storage. In addition, it can be used to copy and paste files between devices via Bluetooth.
However, an open port detected by an expert with the help of a special script opens access to images, videos and data stored on the memory card of another device of the even local. Wi-Fi network. In addition, an attacker can even remotely launch a malicious application on the smartphone of a victim.
The expert has sent a report to the developers of the application, but these have not yet given their comments. This is not great because the attacker must be on the same network as the victim. It's not difficult to find a user with ES File Explorer on a smartphone, on any open Wi-Fi network, but with over 500 million installations.
Also read: Secrets on Android, Improve your smartphone: Step by Step Instructions
Source link