CVE-2025-25570
published 2025-02-27

CVE-2025-25570: Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials.

Priority: P2 (65) · Severity: critical · CVSS 3.1 base score: 9.8
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 2.00% (78.3rd percentile)

Detection & IOCs (extracted from sources)

  • URL: /basic-api/login
  • Credentials: username vben, password 123456
  • Credentials: username test, password 123456
  • Detect attempts to log in with the hardcoded credentials by monitoring POST requests to /basic-api/login whose JSON body carries username 'vben' or 'test' together with password '123456'. A 2xx response to such a request indicates a successful login, not just a scan.
  • Identify exposed Vue Vben Admin instances via Shodan or FOFA by searching for 'vben' or 'vue-vben-admin' in HTTP HTML responses.
  • Exploitation requires only network access to the login interface: the attack vector is network-based, with no privileges or user interaction required (CVSS AV:N/AC:L/PR:N/UI:N).
  • The hardcoded credentials are confirmed in Vue Vben Admin version 2.10.1 specifically; other versions may differ.
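The detection bullet above, worked through as code. This is an added example, not code from the advisory or from the Vue Vben Admin project. It assumes a reverse proxy or WAF that writes one JSON object per request with the request body included (field names ts, src, method, path, status and body are an assumption about that log format; without body logging, this indicator cannot be matched at all). It goes slightly beyond the advisory text: it also accepts a form-encoded body, matches the login path by suffix so a different deployment prefix still hits, ignores query strings, and skips malformed lines instead of crashing. The sample log is constructed.

```python
"""Detection for CVE-2025-25570: flag logins to a Vue Vben Admin backend
that use the hardcoded demo credentials (vben/123456, test/123456).

Added example, not code from the advisory or the Vue Vben Admin project.
Input is a JSON-lines log from a reverse proxy or WAF that records the
request body; the field names (ts, src, method, path, status, body) are
an assumption about that log format.
"""
import json
from urllib.parse import parse_qs, urlsplit

# Indicators from the advisory page.
LOGIN_PATH = "/basic-api/login"
HARDCODED_CREDS = {("vben", "123456"), ("test", "123456")}

# Constructed sample traffic, not captured data.
SAMPLE_RECORDS = [
    {"ts": "2025-02-28T10:00:01Z", "src": "203.0.113.7", "method": "POST",
     "path": "/basic-api/login", "status": 200,
     "body": '{"username":"vben","password":"123456"}'},
    {"ts": "2025-02-28T10:00:05Z", "src": "198.51.100.2", "method": "POST",
     "path": "/basic-api/login", "status": 200,
     "body": '{"username":"alice","password":"S3cret!"}'},
    {"ts": "2025-02-28T10:00:06Z", "src": "198.51.100.2", "method": "GET",
     "path": "/basic-api/getUserInfo", "status": 200, "body": ""},
    # Failed attempt with a query string: still worth flagging (scanning).
    {"ts": "2025-02-28T10:01:12Z", "src": "203.0.113.7", "method": "POST",
     "path": "/basic-api/login?lang=en", "status": 401,
     "body": '{"username":"test","password":"123456"}'},
    # Same credentials sent form-encoded rather than as JSON.
    {"ts": "2025-02-28T10:01:30Z", "src": "203.0.113.9", "method": "POST",
     "path": "/basic-api/login", "status": 200,
     "body": "username=vben&password=123456"},
    {"ts": "2025-02-28T10:02:00Z", "src": "203.0.113.9", "method": "POST",
     "path": "/basic-api/login", "status": 400, "body": "{broken"},
]
SAMPLE_LOG = "\n".join(json.dumps(r) for r in SAMPLE_RECORDS) + "\nnot a json line\n"


def extract_credentials(body):
    """Return (username, password) from a JSON or form-encoded body, else None."""
    if not body:
        return None
    try:
        data = json.loads(body)
        if isinstance(data, dict):
            user, pw = data.get("username"), data.get("password")
            if isinstance(user, str) and isinstance(pw, str):
                return (user, pw)
            return None
    except ValueError:
        pass  # not JSON; try application/x-www-form-urlencoded
    form = parse_qs(body, keep_blank_values=True)
    if "username" in form and "password" in form:
        return (form["username"][0], form["password"][0])
    return None


def is_login_request(rec):
    """POST to the login endpoint; query string ignored, prefix-agnostic (assumption)."""
    if str(rec.get("method", "")).upper() != "POST":
        return False
    path = urlsplit(str(rec.get("path", ""))).path
    return path.endswith(LOGIN_PATH)


def find_default_credential_logins(log_text):
    """Scan a JSON-lines log; return one hit per request using the hardcoded creds."""
    hits = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except ValueError:
            continue  # malformed log line: skip, never crash the pipeline
        if not isinstance(rec, dict) or not is_login_request(rec):
            continue
        creds = extract_credentials(rec.get("body", ""))
        if creds in HARDCODED_CREDS:
            hits.append({"line": lineno, "ts": rec.get("ts"), "src": rec.get("src"),
                         "username": creds[0], "status": rec.get("status")})
    return hits


if __name__ == "__main__":
    for hit in find_default_credential_logins(SAMPLE_LOG):
        outcome = "SUCCESS" if 200 <= int(hit["status"] or 0) < 300 else "attempt"
        print(f'{hit["ts"]} {hit["src"]} user={hit["username"]} status={hit["status"]} {outcome}')
```

On the constructed sample this flags three requests (lines 1, 4 and 5) and ignores the legitimate login, the GET, the unparseable body and the non-JSON line. Triage on the status code: a 2xx hit means the demo account actually authenticated, while a 401 from the same source is reconnaissance against the endpoint.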