CVE-2026-29515

Sažetak

MiCode FileExplorer contains an authentication bypass vulnerability in the embedded SwiFTP FTP server component that allows network attackers to log in without valid credentials. Attackers can send arbitrary username and password combinations to the PASS command handler, which unconditionally grants access and allows listing, reading, writing, and deleting files exposed by the FTP server. The MiCode/Explorer open source project has reached end-of-life status.

Reference

https://github.com/MiCode/FileExplorer
https://www.vulncheck.com/advisories/micode-fileexplorer-swiftp-server-authentication-bypass

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

11-03-2026 - 13:52

Objavljeno

11-03-2026 - 04:17