{"vulnerability": "cve-2025-2557", "sightings": [{"uuid": "42b9b2c6-7db9-403f-baa5-b8cbdf3dfc0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25570", "type": "seen", "source": "https://t.me/cvedetector/19102", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25570 - Vue Vben Admin Insecure Hardcoded Credentials Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25570 \nPublished : Feb. 27, 2025, 10:15 p.m. | 1\u00a0hour, 31\u00a0minutes ago \nDescription : Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-28T01:08:16.000000Z"}, {"uuid": "142e2044-a4a1-4696-9f78-8eab8e402697", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25570", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5926", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25570\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials.\n\ud83d\udccf Published: 2025-02-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-28T17:20:12.273Z\n\ud83d\udd17 References:\n1. https://github.com/Hackerhan/Vben-Admin", "creation_timestamp": "2025-02-28T17:27:11.000000Z"}, {"uuid": "923cfd73-0470-4d99-be27-001cd351a8db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25579", "type": "seen", "source": "https://t.me/cvedetector/21476", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25579 - TOTOLINK A3002R Authentication Bypass Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25579 \nPublished : March 28, 2025, 10:15 p.m. | 31\u00a0minutes ago \nDescription : TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Command Injection in /bin/boa via bandstr. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-29T00:26:51.000000Z"}, {"uuid": "3883954a-32ae-4f09-9d5c-27528491e9be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25570", "type": "seen", "source": "Telegram/erjuHfn6iB7pvwSU3sYNgwlxlWBDTwUfEu3WD7OMZcfyKuhP", "content": "", "creation_timestamp": "2025-03-02T11:45:38.000000Z"}, {"uuid": "06a2bdf8-7961-43d1-9953-5147265feaa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25570", "type": "seen", "source": "Telegram/U_TwxPat1lDcHzctgmC5CSqJ3QgNSu9YaaB_3rr2IK-owF8s", "content": "", "creation_timestamp": "2025-03-02T11:44:21.000000Z"}, {"uuid": "0f3af09f-927c-4602-b86c-0ba6ee3d8187", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2557", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lktswtmtas26", "content": "", "creation_timestamp": "2025-03-20T23:09:09.626022Z"}, {"uuid": "914c373e-7f98-4241-b25e-3be326b274fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25570", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114083241335022580", "content": "", "creation_timestamp": "2025-02-28T19:49:12.032242Z"}, {"uuid": "70153c52-94e1-4e91-953f-e8535c4b7d3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2557", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114196328635864824", "content": "", "creation_timestamp": "2025-03-20T19:08:12.544431Z"}, {"uuid": "7035b37f-1144-4229-9153-5392cfa6b42b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25570", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-25570.yaml", "content": "", "creation_timestamp": "2026-01-12T23:11:23.000000Z"}, {"uuid": "b45d52dc-4fc0-47d6-97fc-8e049d5ad8a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25579", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114258772073299925", "content": "", "creation_timestamp": "2025-03-31T19:48:22.182267Z"}, {"uuid": "f09c3b36-af44-4703-b474-229fb6dc2673", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25579", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114258772073299925", "content": "", "creation_timestamp": "2025-03-31T19:48:22.191771Z"}, {"uuid": "bc0b28c1-ed6c-478b-ba70-68dd4d1b08f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25570", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lj7ccu2uix2w", "content": "", "creation_timestamp": "2025-02-28T01:53:14.091389Z"}, {"uuid": "7961be2b-98c5-40bb-910d-1d167906c359", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25570", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mcfxrjrxfo24", "content": "", "creation_timestamp": "2026-01-14T21:03:05.593013Z"}, {"uuid": "8f182b15-5d24-4ce4-91a9-996a98a0ddef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25579", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9489", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25579\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Command Injection in /bin/boa via bandstr.\n\ud83d\udccf Published: 2025-03-28T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-28T21:35:32.239Z\n\ud83d\udd17 References:\n1. https://github.com/regainer27/totolink_A3002R_remote_command_exec\n2. https://gist.github.com/regainer27/0abf6f56eae3fa2826d2551e22c2ace3", "creation_timestamp": "2025-03-28T22:28:28.000000Z"}, {"uuid": "16e817bf-7129-48fd-81ad-9a0e0a6d9a8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2557", "type": "seen", "source": "https://t.me/cvedetector/20760", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2557 - \"Audi UTR Dashcam 2.0 Command API Local Network Access Control Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-2557 \nPublished : March 20, 2025, 7:15 p.m. | 59\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in Audi UTR Dashcam 2.0. Affected by this issue is some unknown functionality of the component Command API. The manipulation leads to improper access controls. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. Upgrading to version 2.89 and 2.90 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early about these issues and acted very professional. Version 2.89 is fixing this issue for new customers and 2.90 is going to fix it for existing customers. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-20T21:34:59.000000Z"}]}