Attacker Value
Unknown
(1 user assessed)
Exploitability
Unknown
(1 user assessed)
User Interaction
None
Privileges Required
None
Attack Vector
Adjacent_network
0

CVE-2019-6447

Disclosure Date: January 16, 2019
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Metasploit Module

Description

The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP.

Add Assessment

1
Ratings
Technical Analysis

The big kicker for this was that it didn’t work on the cellular side, so you needed to be on the same network as the device. The device most likely being on the wifi, so a coffee bar or airport would have been prime exploitation grounds.
ES File Explorer is a VERY common software, often included on cheaper Android phones, for browsing files. The vulnerability basically gave as much access to the device as you’d want, allowing for almost everything but RCE. The software on the odd port spoke HTTP, so JSON POST commands were the common language.

CVSS V3 Severity and Metrics
Base Score:
8.1 High
Impact Score:
5.2
Exploitability Score:
2.8
Vector:
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector (AV):
Adjacent_network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
None

General Information

Vendors

  • estrongs

Products

  • es file explorer file manager

Additional Info

Technical Analysis