Cyber Resilience

CVE-2025-8530

Medium · Public PoC

Published: 04 August 2025

Modified: 12 September 2025
KEV Added
Patch
CVSS Score v4: 5.5
CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score: 0.0024 (46.7th percentile)
Risk Priority: 11 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-8530 is a medium-severity Use of Default Credentials (CWE-1392) vulnerability in Eladmin. Its CVSS base score is 5.5 (Medium).

Operationally, it is ranked at the 46.7th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

EU & UK References

Vulnerability details

A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file eladmin-system\src\main\resources\config\application-prod.yml of the component Druid. The manipulation of the argument login-username/login-password leads to use of default credentials. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

eladmin eladmin, ≤ 2.7

Mitigating Controls

Likely Mitigating Controls (AI)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-798 CWE-1392

Policy and procedures prohibit hard-coded credentials in favor of managed authentication.

addresses: CWE-798 CWE-1392

Changing default authenticators prior to first use and protecting content prevents use of hard-coded credentials.

addresses: CWE-798 CWE-1392

Strategy enforces supplier requirements and code reviews that reduce hard-coded credentials introduced through acquired products.

addresses: CWE-798 CWE-1392

Requiring security functional requirements and acceptance criteria allows contracts to prohibit hard-coded credentials in delivered systems or components.

addresses: CWE-798 CWE-1392

Known vulnerabilities section of admin docs covers hard-coded credentials and how to replace them, limiting their use in deployments.

addresses: CWE-798

Enables users to notice when hard-coded credentials have been exploited for unauthorized access.

addresses: CWE-798

Security training explicitly warns against hard-coded credentials, lowering their use in systems.

addresses: CWE-1392

Mandates replacement of default credentials during secure configuration and provisioning procedures.

References