CVE-2025-25570
Published: 27 February 2025
Description
Adversaries may obtain and abuse credentials of a default account as a means of gaining Initial Access, Persistence, Privilege Escalation, or Defense Evasion.
Security Summary
CVE-2025-25570 is a critical authentication bypass vulnerability in Vue Vben Admin version 2.10.1, stemming from hardcoded credentials that enable unauthorized login to the backend management interface. This issue maps to CWE-522 (Insufficiently Protected Credentials) and CWE-798 (Use of Hard-coded Credentials), earning a CVSS v3.1 base score of 9.8 due to its network accessibility, low attack complexity, and lack of prerequisites like privileges or user interaction.
Remote attackers require only network access to the affected instance, with no authentication or special privileges needed to exploit the flaw. Successful exploitation grants full backend access, allowing high-impact compromise of confidentiality (e.g., data exfiltration), integrity (e.g., data tampering), and availability (e.g., service disruption).
Mitigation details and advisories are referenced in the GitHub repository at https://github.com/Hackerhan/Vben-Admin, where security practitioners should check for patches, updates, or remediation guidance specific to Vue Vben Admin 2.10.1. Operators should also verify that no demo or mock account from the template remains usable in their deployed build.
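A small static check for the defect class behind this CVE, hard-coded credentials (CWE-798) shipped in an admin front end, written as an added example and not Vue Vben Admin's own code; file paths, key names and the sample contents are constructed for illustration:

```javascript
// Added example (hypothetical, not Vben Admin's own code): a static check
// for hard-coded credentials (CWE-798), the defect class behind
// CVE-2025-25570, meant as a CI gate before an admin front end ships.
// String-literal values assigned to credential-like keys. A reference such
// as `password: form.password` carries no quotes and is not flagged.
const RULES = [
  { rule: 'literal-username', re: /\b(username|user|login)\s*[:=]\s*(['"`])[^'"`]+\2/i },
  { rule: 'literal-password', re: /\b(password|passwd|pwd|secret|token)\s*[:=]\s*(['"`])[^'"`]+\2/i },
];

// Scan one file's text; returns one finding per matching rule per line.
function scanSource(file, text) {
  const findings = [];
  text.split('\n').forEach((line, idx) => {
    for (const { rule, re } of RULES) {
      if (re.test(line)) {
        findings.push({ file, line: idx + 1, rule, snippet: line.trim() });
      }
    }
  });
  return findings;
}

// Scan a map of { path: contents }, e.g. the files staged for a release.
function scanProject(files) {
  return Object.entries(files).flatMap(([file, text]) => scanSource(file, text));
}

// Constructed sample project: a mock user table that would ship with the
// build (the vulnerable pattern) next to a login call that forwards the
// form to the backend and holds no secret (the hardened pattern).
const SAMPLE_FILES = {
  'mock/user.ts': [
    'export const users = [',
    "  { username: 'demo-admin', password: 'demo-pass', roles: ['super'] },",
    "  { username: 'demo-test', password: 'demo-pass', roles: ['test'] },",
    '];',
  ].join('\n'),
  'src/api/login.ts': [
    'export function login(form) {',
    '  // credentials never live in the bundle; the server validates them',
    "  return http.post('/login', { username: form.username, password: form.password });",
    '}',
  ].join('\n'),
};

const report = scanProject(SAMPLE_FILES);
for (const f of report) console.log(`${f.file}:${f.line} ${f.rule}: ${f.snippet}`);
if (report.length > 0) console.log('FAIL: hard-coded credentials found; block the release');
```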
Details
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Hardcoded credentials allow remote, unauthenticated access to the public-facing admin interface (T1190) by abusing the embedded valid default credentials (T1078.001) to gain initial access.