CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
EPSS
Percentile
62.0%
AndExplorer provided by LYSESOFT contains an issue in processing file names, which may result in a directory traversal (CWE-22) vulnerability.
A remote, unauthenticated attacker may create an arbitrary file or overwrite an existing file in a directory that the application has privileges to access.
Update the software
Update the software if you are using a version of AndExplorer that was downloaded prior to April 3, 2014 or using a version of AndExplorerPro that was downloaded prior to April 5, 2014.
The software version that is downloaded will differ depending on the version of Android OS that you are using.