FTP Server Allows Unauthenticated Access with Hardcoded Credentials

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.5

FTP Server Allows Unauthenticated Access with Hardcoded Credentials

CVE-2025-41710

Summary

An attacker can access an active FTP server using hardcoded login credentials, potentially leading to unauthorized data access or modification. This issue affects systems where the FTP server remains active with default or hardcoded login credentials. To protect your data, update the FTP server's login credentials and ensure they are not hardcoded.

Original title

An unauthenticated remote attacker may use hardcodes credentials to get access to the previously activated FTP Server with limited read and write privileges.

Original description

An unauthenticated remote attacker may use hardcodes credentials to get access to the previously activated FTP Server with limited read and write privileges.

nvd CVSS3.1 6.5

Vulnerability type

CWE-798 Use of Hard-coded Credentials

Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026