CVE-2025-25570
published 2025-02-27CVE-2025-25570: Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials.
PriorityP265critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
2.00%
78.3th percentile
Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials.
Detection & IOCsextracted from sources · hover to see the quote
- →Detect login attempts to the Vue Vben Admin default endpoint with hardcoded credentials by monitoring POST requests to /basic-api/login with JSON body containing username 'vben' or 'test' and password '123456'. ↗
- →Identify exposed Vue Vben Admin instances via Shodan or FOFA by searching for 'vben' or 'vue-vben-admin' in HTTP HTML responses. ↗
- ·Exploitation requires network access to the login interface; the attack vector is network-based with no privileges or user interaction required (CVSS AV:N/AC:L/PR:N/UI:N). ↗
- ·The hardcoded credentials are present in Vue Vben Admin version 2.10.1 specifically; other versions may differ. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
Vue Vben Admin - Default Credentials
nuclei·CVSS 9.8
CVE-2025-25570 [CRITICAL] Vue Vben Admin - Default Credentials
Vue Vben Admin - Default Credentials
Vue Vben Admin 2.10.1 contains a broken authentication caused by hardcoded credentials in the backend, letting attackers log in without proper authorization, exploit requires access to the login interface.
Template:
id: CVE-2025-25570
info:
name: Vue Vben Admin - Default Credentials
author: 0x_Akoko
severity: critical
description: |
Vue Vben Admin 2.10.1 contains a broken authentication caused by hardcoded credentials in the backend, letting attackers log in without proper authorization, exploit requires access to the login interface.
impact: |
Attackers can gain unauthorized access to the backend, potentially leading to data theft or system control
remediation: |
Remove hardcoded credentials and implement proper authentication mechanisms, update to
No writeups or analysis indexed.
2025-02-27
Published