CVE-2020-35173

2020-12-3019:04:12

mitre

www.cve.org

9.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.2%

JSON

The Amaze File Manager application before 3.4.2 for Android does not properly restrict intents for controlling the FTP server (aka services.ftpservice.FTPReceiver.ACTION_START_FTPSERVER and services.ftpservice.FTPReceiver.ACTION_STOP_FTPSERVER).

References

github.com/TeamAmaze/AmazeFileManager/compare/v3.4.1...v3.4.2

github.com/TeamAmaze/AmazeFileManager/pull/1815

play.google.com/store/apps/details?id=com.amaze.filemanager&hl=en_US&gl=US