CVE-2026-25803

Name of the Vulnerable Software and Affected Versions 3DP-MANAGER versions 2.0.1 and prior

Description 3DP-MANAGER, an inbound generator for 3x-ui, automatically creates an administrative account with default credentials (admin/admin) upon initial setup. An attacker with network access to the application’s login interface can exploit this to gain full administrative control, including the ability to manage VPN tunnels and system settings.

Recommendations Update to version 2.0.2 to resolve this issue.