CVE-2026-29515 · CVEKit

cve.orgen

463 chars

MiCode FileExplorer contains an authentication bypass vulnerability in the embedded SwiFTP FTP server component that allows network attackers to log in without valid credentials. Attackers can send arbitrary username and password combinations to the PASS command handler, which unconditionally grants access and allows listing, reading, writing, and deleting files exposed by the FTP server. The MiCode/Explorer open source project has reached end-of-life status.

NVDen

463 chars

MiCode FileExplorer contains an authentication bypass vulnerability in the embedded SwiFTP FTP server component that allows network attackers to log in without valid credentials. Attackers can send arbitrary username and password combinations to the PASS command handler, which unconditionally grants access and allows listing, reading, writing, and deleting files exposed by the FTP server. The MiCode/Explorer open source project has reached end-of-life status.

NVDes

440 chars

MiCode FileExplorer contiene una vulnerabilidad de omisión de autenticación en el componente de servidor FTP SwiFTP incrustado que permite a los atacantes de red iniciar sesión sin credenciales válidas. Los atacantes pueden enviar combinaciones arbitrarias de nombre de usuario y contraseña al gestor del comando PASS, que concede acceso incondicionalmente y permite listar, leer, escribir y eliminar archivos expuestos por el servidor FTP.

CVSS metrics across sources

3

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
4.0	Primary	cve.org	9.3	—	—	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N