Description

MiCode FileExplorer contains an authentication bypass vulnerability in the embedded SwiFTP FTP server component that allows network attackers to log in without valid credentials. Attackers can send arbitrary username and password combinations to the PASS command handler, which unconditionally grants access and allows listing, reading, writing, and deleting files exposed by the FTP server. The MiCode/Explorer open source project has reached end-of-life status.

INFO

Published Date :

2026-03-11T03:23:00.932Z

Last Modified :

2026-03-11T15:39:47.089Z

Source :

VulnCheck
AFFECTED PRODUCTS

The following products are affected by CVE-2026-29515 vulnerability.

Vendors Products
Micode
  • Fileexplorer
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-29515.

URL Resource
https://github.com/MiCode/FileExplorer cve-icon cve-icon
https://www.vulncheck.com/advisories/micode-fileexplorer-swiftp-server-authentication-bypass cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability