{"vulnerability": "CVE-2019-1138", "sightings": [{"uuid": "a45a3535-2385-4bb5-8b31-5648c0746aba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11380", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/5923", "content": "CVE-2019\u201311380 | How I was able to access complete storage of ES-FileExplorer End user\nhttps://medium.com/@bhaveshthakur2015/cve-2019-11380-how-i-was-able-to-access-complete-storage-of-es-fileexplorer-end-user-9bd8da5ac3b8", "creation_timestamp": "2019-09-16T23:00:00.000000Z"}, {"uuid": "a7c8c61c-a88e-4dfd-8acc-433bd18b6e40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11380", "type": "published-proof-of-concept", "source": "https://t.me/androidMalware/376", "content": "ES File Explorer - Authentication bypass via insecure FTP Activity execution\n\n3rd party app can bypass master password to start local FTP server. Because of that, attacker on local network could access files on device without authentication.\nhttps://medium.com/@bhaveshthakur2015/cve-2019-11380-how-i-was-able-to-access-complete-storage-of-es-fileexplorer-end-user-9bd8da5ac3b8", "creation_timestamp": "2019-09-16T06:09:11.000000Z"}, {"uuid": "b7284c43-bfbc-4911-bb8b-b3de48cf9f9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11380", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/3107", "content": "ES File Explorer - Authentication bypass via insecure FTP Activity execution\n\n3rd party app can bypass master password to starting local FTP server. Because of that, attacker on local network could access files on device without authentication.\nhttps://medium.com/@bhaveshthakur2015/cve-2019-11380-how-i-was-able-to-access-complete-storage-of-es-fileexplorer-end-user-9bd8da5ac3b8", "creation_timestamp": "2019-09-16T08:08:03.000000Z"}]}