PT-2025-9029 · Unknown · Vue Vben Admin

Hackerhan

Published

2025-02-27

Updated

2026-01-13

CVE-2025-25570

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Vue Vben Admin version 2.10.1

Description Vue Vben Admin version 2.10.1 allows unauthorized login to the backend due to hardcoded credentials. The issue stems from a broken authentication mechanism caused by the presence of pre-defined credentials within the system.

Recommendations For Vue Vben Admin version 2.10.1, change the hardcoded credentials to prevent unauthorized access to the backend.

Exploit

Fix

Insufficiently Protected Credentials

Using Hardcoded Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-522CWE-798

Related Identifiers

CVE-2025-25570

Affected Products

Vue Vben Admin

PT-2025-9029 · Unknown · Vue Vben Admin

CVE-2025-25570

Weakness Enumeration

Related Identifiers

Affected Products

References · 8