Description
MiCode FileExplorer contains an authentication bypass vulnerability in the embedded SwiFTP FTP server component that allows network attackers to log in without valid credentials. Attackers can send arbitrary username and password combinations to the PASS command handler, which unconditionally grants access and allows listing, reading, writing, and deleting files exposed by the FTP server. The MiCode/Explorer open source project has reached end-of-life status.
Published: 2026-03-11
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Authentication bypass permitting unrestricted FTP access
Action: Disable FTP
AI Analysis

Impact

The MiCode FileExplorer software contains an authentication bypass flaw in its embedded SwiFTP component. When the server receives any username and password pair via the PASS command, it accepts the credentials unconditionally, granting the caller full read, write, and delete permissions on all files exposed through the FTP interface. This flaw directly compromises the confidentiality, integrity, and availability of data stored on the affected system.
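The failure mode described above, as an added Python model that is not SwiFTP or MiCode code: one session class runs the USER/PASS exchange either with the unconditional grant or with a verified password. The account store, class name, reply texts and `run` helper are assumptions made for this sketch.

```python
import hashlib
import hmac

# Constructed account store for this sketch: username -> PBKDF2 hash.
_SALT = b"constructed-salt"

def _kdf(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 100_000)

ACCOUNTS = {"backup": _kdf("correct horse battery staple")}
DUMMY_HASH = _kdf("dummy")  # compared against when the user is unknown
PROTECTED = {"LIST", "RETR", "STOR", "DELE"}

class FtpSession:
    """Login state for one control connection (hypothetical model)."""

    def __init__(self, check_password: bool):
        self.check_password = check_password  # False reproduces the flaw
        self.pending_user = None
        self.authenticated = False

    def handle(self, line: str) -> str:
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()
        if verb == "USER":
            # A new USER always resets any earlier login.
            self.pending_user, self.authenticated = arg, False
            return "331 Password required"
        if verb == "PASS":
            if self.pending_user is None:
                return "503 Login with USER first"
            if self.check_password:
                known = self.pending_user in ACCOUNTS
                stored = ACCOUNTS.get(self.pending_user, DUMMY_HASH)
                # Always hash and compare in constant time, even for unknown users.
                ok = hmac.compare_digest(stored, _kdf(arg)) and known
            else:
                ok = True  # the flaw: PASS grants access unconditionally
            self.pending_user = None
            self.authenticated = ok
            return "230 Logged in" if ok else "530 Login incorrect"
        if verb in PROTECTED and not self.authenticated:
            return "530 Not logged in"
        return f"200 {verb} accepted"

def run(check_password: bool, lines):
    """Feed control-channel lines to a fresh session and collect the replies."""
    session = FtpSession(check_password)
    return [session.handle(line) for line in lines]
```

With `check_password=False` every PASS returns 230 and the file commands go through; with `True` the same lines end in 530 and the session stays unauthenticated.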

Affected Systems

All released versions of MiCode FileExplorer are affected because the bug resides in the core SwiFTP module that is always included in the product binary. The project is declared end‑of‑life, meaning that no security updates or patches will be released, so every deployed instance that enables the FTP feature and exposes it over the network requires remediation.

Risk and Exploitability

The flaw carries a CVSS v4.0 score of 9.3, denoting critical severity, while an EPSS score of less than 1% indicates that the estimated likelihood of exploitation is low. The vulnerability is not listed in the CISA KEV catalog. Based on the description, the likely attack vector is over the network, as an attacker can reach the FTP service on the standard port (typically 21) from any external host with network connectivity. Without a vendor patch, the risk to organizations remains high until the embedded FTP server is disabled or removed.

Generated by OpenCVE AI on March 20, 2026 at 16:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Disable or remove the embedded SwiFTP component if it is not required for operations.
  • Block or restrict network access to FTP port 21 using firewall rules or network segmentation, preventing untrusted hosts from reaching the service.
  • If FTP functionality is needed, migrate to a supported FTP solution that enforces proper authentication and receives regular security updates.
  • Continuously monitor network logs for suspicious FTP activity and audit file access to detect potential misuse.

Advisories

No advisories yet.

History

Wed, 11 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 11 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared (Values Added): Micode; Micode fileexplorer
Vendors & Products (Values Added): Micode; Micode fileexplorer

Wed, 11 Mar 2026 04:30:00 +0000

Type Values Removed Values Added
Description
Values Removed: MiCode FileExplorer contains an authentication bypass vulnerability in the embedded SwiFTP FTP server component that allows network attackers to log in without valid credentials. Attackers can send arbitrary username and password combinations to the PASS command handler, which unconditionally grants access and allows listing, reading, writing, and deleting files exposed by the FTP server.
Values Added: MiCode FileExplorer contains an authentication bypass vulnerability in the embedded SwiFTP FTP server component that allows network attackers to log in without valid credentials. Attackers can send arbitrary username and password combinations to the PASS command handler, which unconditionally grants access and allows listing, reading, writing, and deleting files exposed by the FTP server. The MiCode/Explorer open source project has reached end-of-life status.

Wed, 11 Mar 2026 04:00:00 +0000

Type Values Removed Values Added
Description MiCode FileExplorer contains an authentication bypass vulnerability in the embedded SwiFTP FTP server component that allows network attackers to log in without valid credentials. Attackers can send arbitrary username and password combinations to the PASS command handler, which unconditionally grants access and allows listing, reading, writing, and deleting files exposed by the FTP server.
Title MiCode FileExplorer SwiFTP Server Authentication Bypass
Weaknesses CWE-303
References
Metrics cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-11T15:39:47.089Z

Reserved: 2026-03-04T15:39:26.872Z

Link: CVE-2026-29515

Vulnrichment

Updated: 2026-03-11T15:39:33.894Z

NVD

Status : Awaiting Analysis

Published: 2026-03-11T04:17:37.213

Modified: 2026-03-11T13:52:47.683

Link: CVE-2026-29515

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-23T09:55:34Z

Weaknesses