Cyber Posture

CVE-2025-1160

High · Public PoC

Published: 10 February 2025
Modified: 03 March 2025
KEV Added: not listed
Patch: none referenced
CVSS Score: 7.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
EPSS Score: 0.0013 (31.6th percentile)
Risk Priority: 15 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-1160 is a high-severity Use of Default Credentials (CWE-1392) vulnerability in Remyandrade Employee Management System. Its CVSS base score is 7.3 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Default Accounts (T1078.001). The CVE is ranked at the 31.6th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-2 (Account Management) and IA-5 (Authenticator Management).

Threat & Defense at a Glance

What attackers do: exploitation maps to Default Accounts (T1078.001). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

IA-5 (Authenticator Management), prevent: directly requires changing default authenticators prior to first use, preventing exploitation of the hardcoded default username and password credentials in index.php.

AC-2 (Account Management), prevent: mandates management of accounts, including disabling unnecessary or inactive default accounts and updating credentials to block unauthorized remote access.

Prevent: requires timely identification, reporting, and remediation of flaws like this default credentials vulnerability through patching or configuration changes.
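The contrast between the weakness described above and what IA-5/AC-2 ask for is easier to see in code. The following is an added illustration written for this page; it is not code from the Employee Management System, and the literals DEFAULT_USER / DEFAULT_PASS, the inline user array, and the hypothetical helper names are placeholders (the page does not give the shipped defaults). The vulnerable function reconstructs the CWE-1392 pattern the NVD text attributes to index.php: a login that compares the submitted username and password against values baked into the file. The hardened functions keep no built-in default account, store authenticators only as hashes, and refuse to issue a session to any account still flagged as provisioned with an installer-set secret until that secret has been changed.

```php
<?php
// Added example for this advisory page, not the project's own code.
// Placeholders: 'DEFAULT_USER' / 'DEFAULT_PASS' (real defaults not given
// on the page), the inline $users array (stands in for a database row),
// and the helper names load_user / hardened_login / change_password.
declare(strict_types=1);

// --- Vulnerable pattern (CWE-1392): credentials live in the source ---
function vulnerable_login(string $username, string $password): bool
{
    // Anyone who reads the file, or guesses the shipped defaults, is let in
    // from anywhere on the network (AV:N, PR:N), which is the CVE's scenario.
    return $username === 'DEFAULT_USER' && $password === 'DEFAULT_PASS';
}

// --- Hardened pattern (IA-5 / AC-2) ---
// Constructed sample data; in a real deployment this is a database row and
// the installer writes the hash plus must_change=1 when it creates the row.
function load_user(string $username): ?array
{
    static $users = null;
    if ($users === null) {
        $users = [
            'admin' => [
                'password_hash' => password_hash('set-by-installer-only', PASSWORD_DEFAULT),
                'must_change'   => true,  // IA-5: rotate before first use
                'enabled'       => true,  // AC-2: unneeded accounts get disabled
            ],
        ];
    }
    return $users[$username] ?? null;
}

// Returns 'ok', 'must_change' or 'denied'. Only 'ok' may receive a session;
// 'must_change' may only reach the password-change handler.
function hardened_login(string $username, string $password): string
{
    $user = load_user($username);

    // Always run password_verify, even for unknown users, so response time
    // does not reveal which usernames exist.
    static $dummy = null;
    $dummy ??= password_hash(bin2hex(random_bytes(16)), PASSWORD_DEFAULT);
    $hash = $user['password_hash'] ?? $dummy;

    if (!password_verify($password, $hash) || $user === null || !$user['enabled']) {
        return 'denied';
    }
    return $user['must_change'] ? 'must_change' : 'ok';
}

// Clears the must_change flag only after a new, different secret is set.
function change_password(array &$user, string $current, string $new): bool
{
    if (!password_verify($current, $user['password_hash'])) {
        return false;
    }
    if (strlen($new) < 12 || password_verify($new, $user['password_hash'])) {
        return false; // too short, or the installer secret again
    }
    $user['password_hash'] = password_hash($new, PASSWORD_DEFAULT);
    $user['must_change']   = false;
    return true;
}

// Minimal request handling of the kind index.php would do.
if (PHP_SAPI !== 'cli' && ($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $u = (string)($_POST['username'] ?? '');
    $p = (string)($_POST['password'] ?? '');
    switch (hardened_login($u, $p)) {
        case 'ok':          /* start session, redirect to dashboard */ break;
        case 'must_change': /* redirect to the change-password form */ break;
        default:            http_response_code(401); echo 'Login failed';
    }
}
```

The design point is that the installer-created account is treated as unusable until a human has set its secret, which is exactly the IA-5 requirement; disabling the account outright when it is not needed is the AC-2 path. Rate limiting and session handling are out of scope here and would sit around hardened_login.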

MITRE ATT&CK Enterprise Techniques

T1078.001 Default Accounts [Stealth]
Adversaries may obtain and abuse credentials of a default account as a means of gaining Initial Access, Persistence, Privilege Escalation, or Defense Evasion.
Why these techniques?

Direct use of default credentials in a remotely accessible web application (index.php login) enables Initial Access via Valid Accounts (Default Accounts).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1
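On the detection side, a successful authentication by a vendor-shipped default account is a high-signal event for T1078.001, because it means neither AC-2 (remove or disable the account) nor IA-5 (rotate its secret) has been applied. The following is an added example, not from the page or the vendor: it assumes an application authentication log in the constructed line format embedded below (the real application's log format, if any, will differ and the regex must be adapted), and the account names in DEFAULT_ACCOUNTS are placeholders rather than the project's real defaults.

```php
<?php
// Added detection example for this page; not the project's code.
// Assumptions: log format "<ISO time> <client IP> LOGIN_OK|LOGIN_FAIL user=<name>"
// (constructed), and placeholder default account names.
declare(strict_types=1);

// Accounts the installer creates; placeholders, not the real shipped names.
const DEFAULT_ACCOUNTS = ['admin', 'DEFAULT_USER'];

// Constructed sample lines (IP addresses from documentation ranges).
const SAMPLE_LOG = <<<'LOG'
2025-02-10T08:01:12Z 203.0.113.7 LOGIN_FAIL user=DEFAULT_USER
2025-02-10T08:01:14Z 203.0.113.7 LOGIN_OK user=DEFAULT_USER
2025-02-10T09:15:02Z 192.0.2.44 LOGIN_OK user=jdoe
2025-02-10T09:20:55Z 198.51.100.9 LOGIN_FAIL user=admin
LOG;

// Returns one alert string per successful login by a default account.
function default_account_logins(string $log, array $defaults): array
{
    $alerts = [];
    foreach (explode("\n", trim($log)) as $line) {
        if (!preg_match('/^(\S+) (\S+) (LOGIN_OK|LOGIN_FAIL) user=(\S+)$/', $line, $m)) {
            continue; // unparseable line; production code should count these
        }
        [, $ts, $ip, $result, $user] = $m;
        if ($result === 'LOGIN_OK' && in_array($user, $defaults, true)) {
            $alerts[] = sprintf('%s default account "%s" authenticated from %s', $ts, $user, $ip);
        }
    }
    return $alerts;
}

foreach (default_account_logins(SAMPLE_LOG, DEFAULT_ACCOUNTS) as $alert) {
    echo $alert, PHP_EOL;
}
```

Run against the sample, only the second line produces an alert. Failed attempts against default names are worth counting separately as a brute-force indicator, but the successful login is the event that should page someone, regardless of the source address.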

NVD Description

A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument username/password leads to use of default credentials. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Deeper analysis

CVE-2025-1160 is a critical vulnerability in SourceCodester Employee Management System 1.0, published on 2025-02-10. It affects an unknown functionality within the file index.php, where manipulation of the username and password arguments enables the use of default credentials. The issue is classified under CWE-1392 and NVD-CWE-Other, with a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).

The vulnerability can be exploited remotely by an unauthenticated attacker; it requires low attack complexity and no user interaction. Successful exploitation grants limited access via the default credentials, with low impact on confidentiality, integrity, and availability.

VulDB advisories (ctiid.295064, id.295064, and submit.493860) detail the vulnerability, while a proof-of-concept exploit has been publicly disclosed on GitHub at https://gist.github.com/jmx0hxq/0e9cde14b6e9190a7451cd72d7b23bfd. The vendor site is available at https://www.sourcecodester.com/. No specific patch or mitigation details are provided in the referenced sources.

Details

CWE(s): CWE-1392 (Use of Default Credentials), NVD-CWE-Other

Affected Products: remyandrade employee management system 1.0

CVEs Like This One

CVE-2025-8731 (shared CWE-1392)
CVE-2026-26341 (shared CWE-1392)
CVE-2025-2398 (shared CWE-1392)
CVE-2025-54756 (shared CWE-1392)
CVE-2025-10542 (shared CWE-1392)
CVE-2026-27751 (shared CWE-1392)
CVE-2026-1803 (shared CWE-1392)
CVE-2026-1972 (shared CWE-1392)
CVE-2022-50803 (shared CWE-1392)
CVE-2025-1166 (same vendor: Remyandrade)

References