CVE-2014-1970

2014-03-2015:55:05

CWE-22

[email protected]

web.nvd.nist.gov

cve-2014-1970

directory traversal

es file explorer

file manager

android

remote attackers

security vulnerability

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.1%

JSON

Directory traversal vulnerability in the ES File Explorer File Manager application before 3.0.4 for Android allows remote attackers to overwrite or create arbitrary files via unspecified vectors.

Affected configurations

NVD

Node

estrongses_file_explorerRange≤3.0.0android

estrongses_file_explorerMatch1.6.0.2android

estrongses_file_explorerMatch1.6.1.1android

AND

googleandroid

CPENameOperatorVersion
estrongs:es_file_explorerestrongs es file explorerle3.0.0
estrongs:es_file_explorerestrongs es file explorereq1.6.0.2
estrongs:es_file_explorerestrongs es file explorereq1.6.1.1

CPE	Name	Operator	Version
estrongs:es_file_explorer	estrongs es file explorer	le	3.0.0
estrongs:es_file_explorer	estrongs es file explorer	eq	1.6.0.2
estrongs:es_file_explorer	estrongs es file explorer	eq	1.6.1.1