This Metasploit module connects to ES File Explorers HTTP server to run certain commands. The HTTP server is started on app launch, and is available as long as the app is open. Version 4.1.9.7.4 and below are reported vulnerable This Metasploit module has been tested against 4.1.9.5.1.
a73c6b524b907dbe590605fec39555ee25f87f4dfb5e202dfc167e9995d06c69
ES File Explorer version 4.1.9.7.4 arbitrary file read exploit.
49c30b8691d656d1bb19d03dc76bb300764a671ff450cedd6ccb6933b28818a2
Whitepaper called Android Vulnerability in ES File Explorer. It provides an overview of manual exploitation of ES File Explorer version 4.1.9.7.4 using counterfeit requests over HTTP.
9b0d580d48451b1cfce532d6de5bf7c4caa5faf0493949998e87a7e17ccea3df