The file manager ES File Explorer is one of the most widely used explorer apps for Android. If you happen to have the app on your smartphone, delete it immediately.
Research shows that ES File Explorer is vulnerable to hackers. Malicious persons, who are on the same network, can exploit the vulnerability and copy files from the smartphone (including photos and videos). You can also check which apps are on the device. That makes ES File Explorer users especially vulnerable when connecting their Android to a public network.
The vulnerability is caused because the app starts a web server, perhaps to stream videos to other devices. By misusing open ports in the web server, files on the Android device can be accessed.
Every version of ES File Explorer is vulnerable. Moreover, it is one of the most popular explorers for Android, which has already been downloaded 100 million times from the Play Store.
It's not the first time ES File Explorer has been cast in a bad light. Back in 2016 we warned about the explorer app. Then ES File Explorer received bad news because the developer added dubious things to the app: think of advertisements that appeared even when you did not have the app open and a charging screen that appeared full screen when you connected the charger to the device. Despite the claims that the charging screen helped to charge faster, it was really just a full-screen advertisement.
Alternatives to ES File Explorer
It is clear that the app developers of ES File Explorer do not want the best for the users. It is recommended to remove ES File Explorer directly from your Android. After removing the app, you are no longer vulnerable to the security hole. Fortunately, there are plenty of alternative explorer apps for Android that are safe.