CVE-2026-25803 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

3DP-MANAGER is an inbound generator for 3x-ui. In version 2.0.1 and prior, the application automatically creates an administrative account with known default cr…
Critical CVSS: 9.8

CVE-2026-25803

3DP-MANAGER is an inbound generator for 3x-ui. In version 2.0.1 and prior, the application automatically creates an administrative account with known default credentials (admin/admin) upon the first initialization. Attackers with network access to the application's login interface can gain full administrative control, managing VPN tunnels and system settings. This issue will be patched in version 2.0.2.
Vendor
Denpiligrim
Product
3dp-manager
CWE
CWE-798
Yayın Tarihi
2026-02-06 23:15:54
Güncelleme
2026-03-17 20:43:52
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-798 3dp-manager CRITICAL Denpiligrim 2026

Referanslar

https://github.com/denpiligrim/3dp-manager/commit/f568de41de97dd1b70a963708a1ee18e52b9d248 https://github.com/denpiligrim/3dp-manager/security/advisories/GHSA-5x57-h7cw-9jmw