CVE-2025-25570

Published Feb 27, 2025

Last updated 10 months ago

CVSS critical 9.8

Overview

Description
Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials.
Source
cve@mitre.org
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-522

Social media

Hype score
Not currently trending

  1. 🚨 CVE-2025-25570 ❓ 🏢 Unknown Vendor - Unknown Product 🏗️ Unknown Version 🔗 https://t.co/6RugiiCrDd #CyberCron #VulnAlert https://t.co/GK6PZaBdQv

    @cybercronai

    1 Mar 2025

    17 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

References

Sources include official advisories and independent security research.