ES File Explorer Update Brings HTTP Vulnerability Fix, Other Bug Fixes

Advertisement
By Tasneem Akolawala | Updated: 21 January 2019 14:20 IST
Highlights
  • ES File Explorer has quickly rolled out a fix for the HTTP vulnerability
  • Reported last week, vulnerability allowed easy phone access to hackers
  • ES File Explorer v4.1.9.9 update with the fix is available on Google Play

ES File Explorer was reported to have HTTP vulnerability in LAN

Just last week, an HTTP vulnerability was reported within ES File Explorer - a popular app used by many to manage phone storage. The vulnerability allegedly gave hackers easy access to phone's files, and all the victim had to do was open the app once to be exposed to it. Developers of ES File Explorer were quick to respond to this newfound bug, and within days of the reported vulnerability, a fix for the same has been issued. The update ES File Explorer v4.1.9.9 version is now available on Google Play, and all users are recommended to download it.

The changelog for the ES File Explorer v4.1.9.9 update states that the HTTP vulnerability in LAN has been fixed, alongside some other known bug fixes as well. The new v4.1.9.9 update also fixes a problem "that the music player part could not create a song list". A spokesperson also confirmed the fixes to Android Police, "The issue of unauthorised copying of files has been fixed by removing the corresponding code. The way a man-in-the-middle attack is avoided by the way the server upgrades."

We recommend all users to update to the latest version of ES File Explorer. The update is available to download for free on the Play Store, and as we mentioned, comes within days of the vulnerability being reported. The company had reportedly issued a fix last week itself, and was waiting for the Google market to pass the review. The developers told Android Police, "We have fixed the http vulnerability issue and released it. Waiting for the Google market to pass the review." And now finally the update with the fix is out for download.

Advertisement

According to security researcher who goes by the pseudonym Eliot Alderson, ES File Explorer used to start an HTTP server on port 59777, which left your phone accessible to anyone on the same local network to exploit it. The attacker can then use that port to inject a JSON payload and list out the files you have and even download them. If you happen to still use the app in in v4.1.9.7.4 and lower, then its best to update immediately, or connect only to highly trusted networks, or look for other alternatives.

 
Post your comments

For details of the latest launches and news from Samsung, Xiaomi, Realme, OnePlus, Oppo and other companies at the Mobile World Congress in Barcelona, visit our MWC 2025 hub.

Further reading: ES File Explorer
The Division 2, Far Cry New Dawn PC Physical Editions Listed for India
WhatsApp Limits Forwards to 5 Chats Globally to Curb Rumours
Advertisement

Related Stories

Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Nothing Phone 4a, Phone 4a Pro Launched in India at This Price
  2. Motorola Edge 70 Fusion Launched in India With 50-Megapixel Sony LYT-710 Camera
  3. Nothing Phone 4a vs Motorola Edge 70: Price in India, Features Compared
  4. Just a Day After Releasing GPT-5.3 Instant, OpenAI Teases GPT-5.4 Model
  5. Vivo T5x 5G AnTuTu Score Exceeds 1 Million Points, Will Launch in India Soon
  6. Nothing Phone 4a Pro First Impressions
  7. Samsung Galaxy A47 5G, Galaxy A57 5G Specifications Leak Ahead of Launch
  8. Moto Watch Review: The Best Smartwatch Under Rs. 6,000 in 2026?
  9. Realme Narzo Power 5G With 10,001mAh Battery Launched in India: Price, Specifications
  10. Google Just Dropped the Fastest Gemini 3 Series AI Model
#Latest Stories
  1. Motorola Edge 70 Fusion Launched in India With 50-Megapixel Sony LYT-710 Camera, 7,000mAh Battery
  2. MacBook Pro (2026) With the M5 Max Chip Outpaces Older MacBook Pro Model With M4 Max on Geekbench
  3. Samsung Galaxy Smartphone Prices Reportedly Hiked in India; Several Models Said to Be Affected
  4. Honor X80i Spotted on TENAA With 6,800mAh Battery, 6.6-Inch OLED Display
  5. OnePlus 15T Tipped to Feature 1.5K 165Hz Display as Company Confirms Key Specifications
  6. Samsung Galaxy A37 5G and Galaxy A57 5G Specifications Reportedly Leaked in Full Ahead of Launch
  7. ISS Crew Prepares to Send Japan’s HTV-X1 Cargo Spacecraft Back to Earth After Four Months
  8. OpenAI’s Codex App Is Now Available on Windows, Can Be Downloaded via Microsoft Store
  9. OpenAI Teases GPT-5.4 AI Model Launch Just a Day After Releasing GPT-5.3 Instant
  10. Nothing Headphone (a) Launched With Adaptive ANC, Customisable Controls: Price, Specifications
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.