diff --git a/default-logins/xui-weak-login.yaml b/default-logins/xui-weak-login.yaml
new file mode 100644
index 00000000000..3c7957dfaad
--- /dev/null
+++ b/default-logins/xui-weak-login.yaml
@@ -0,0 +1,48 @@
+id: xui-weak-login
+
+info:
+  name: X-UI Login Default Login
+  author: dali
+  severity: high
+  description: |
+    X-UI Default Login Credentials.
+  reference:
+    - https://github.com/vaxilu/x-ui
+    - https://seakfind.github.io/2021/10/10/X-UI/#:~:text=By%20default%2C%20the%20login%20user,the%20password%20is%20also%20admin%20.
+  classification:
+    cwe-id: CWE-798
+  metadata:
+    verified: "true"
+    shodan-query: title:"X-UI Login"
+  tags: x-ui,default-login
+
+requests:
+  - method: POST
+    path:
+      - "{{BaseURL}}/login"
+    headers:
+      content-type: application/x-www-form-urlencoded
+    body: "username={{username}}&password={{password}}"
+
+    payloads:
+      username:
+        - "admin"
+      password:
+        - "admin"
+    attack: pitchfork
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"success":true'
+
+      - type: word
+        part: header
+        words:
+          - 'application/json'
+
+      - type: status
+        status:
+          - 200