← Voltar para CVEs
CVE-2026-29515
N/ADescricao
MiCode FileExplorer contains an authentication bypass vulnerability in the embedded SwiFTP FTP server component that allows network attackers to log in without valid credentials. Attackers can send arbitrary username and password combinations to the PASS command handler, which unconditionally grants access and allows listing, reading, writing, and deleting files exposed by the FTP server. The MiCode/Explorer open source project has reached end-of-life status.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado3/11/2026
Ultima modificacao3/11/2026
Fontenvd
Avistamentos honeypot0
Fraquezas (CWE)
CWE-303
Referencias
https://github.com/MiCode/FileExplorer(disclosure@vulncheck.com)
https://www.vulncheck.com/advisories/micode-fileexplorer-swiftp-server-authentication-bypass(disclosure@vulncheck.com)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.