Description

Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.

INFO

Published Date :

2025-12-01T22:28:59.982Z

Last Modified :

2025-12-02T14:12:10.529Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-66410 vulnerability.

Vendors Products
Flipped-aurora
  • Gin-vue-admin
Gin-vue-admin Project
  • Gin-vue-admin
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-66410.

URL Resource
https://github.com/flipped-aurora/gin-vue-admin/commit/ee8d8d7e04d9c38a35a6969f20e75213e84f57c6 cve-icon cve-icon
https://github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-jrhg-82w2-vvj7 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact