{"uuid": "a7c8c61c-a88e-4dfd-8acc-433bd18b6e40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11380", "type": "published-proof-of-concept", "source": "https://t.me/androidMalware/376", "content": "ES File Explorer - Authentication bypass via insecure FTP Activity execution\n\n3rd party app can bypass master password to start local FTP server. Because of that, attacker on local network could access files on device without authentication.\nhttps://medium.com/@bhaveshthakur2015/cve-2019-11380-how-i-was-able-to-access-complete-storage-of-es-fileexplorer-end-user-9bd8da5ac3b8", "creation_timestamp": "2019-09-16T06:09:11.000000Z"}