CVE-2025-8530
BaseFortify
Publication date: 2025-08-04
Last updated on: 2025-09-12
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| eladmin | eladmin | to 2.7 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1392 | The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality. |
| CWE-798 | The product contains hard-coded credentials, such as a password or cryptographic key. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in elunez eladmin up to version 2.7, specifically in the Druid component's configuration file application-prod.yml. It involves manipulation of the login-username and login-password arguments, which leads to the use of default credentials. This means an attacker can remotely exploit this issue to gain unauthorized access by bypassing proper authentication.
How can this vulnerability impact me? :
The vulnerability allows remote attackers to use default credentials to access the system without proper authorization. This can lead to unauthorized access, potentially compromising sensitive data or system integrity depending on the privileges granted by the default credentials.