A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file eladmin-system\src\main\resources\config\application-prod.yml of the component Druid. The manipulation of the argument login-username/login-password leads to use of default credentials. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/8xxx/CVE-2025-8530.json",
"cwe_ids": [
"CWE-1392"
],
"unresolved_ranges": [
{
"extracted_events": [
{
"introduced": "2.0"
},
{
"last_affected": "2.0"
},
{
"introduced": "2.1"
},
{
"last_affected": "2.1"
},
{
"introduced": "2.2"
},
{
"last_affected": "2.2"
},
{
"introduced": "2.3"
},
{
"last_affected": "2.3"
},
{
"introduced": "2.4"
},
{
"last_affected": "2.4"
},
{
"introduced": "2.5"
},
{
"last_affected": "2.5"
},
{
"introduced": "2.6"
},
{
"last_affected": "2.6"
}
],
"source": "AFFECTED_FIELD"
}
],
"cna_assigner": "VulDB"
}