fkie_cve-2025-21624
Vulnerability from fkie_nvd
Published
2025-01-07 16:15
Modified
2025-09-05 16:28
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 - 239, a file upload vulnerability exists in the Manage Playlist functionality of the application, specifically surrounding the uploading of playlist cover images. Without proper checks, an attacker can upload a PHP script file instead of an image file, thus allowing a webshell or other malicious files to be stored and executed on the server. This attack vector exists in both the admin area and low-level user area. This vulnerability is fixed in 5.5.1 - 239.
References
security-advisories@github.comhttps://github.com/MacWarrior/clipbucket-v5/commit/893bfb0f1236c4a59b5e2843ab8d27a1e491b12bPatch
security-advisories@github.comhttps://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-98vm-2xqm-xrccExploit, Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-98vm-2xqm-xrccExploit, Vendor Advisory
Impacted products
Vendor Product Version
oxygenz clipbucket *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oxygenz:clipbucket:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F73C26AF-6B17-4C66-87F4-5F77B2E5AAD0",
              "versionEndExcluding": "5.5.1-239",
              "versionStartIncluding": "5.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 - 239, a file upload vulnerability exists in the Manage Playlist functionality of the application, specifically surrounding the uploading of playlist cover images. Without proper checks, an attacker can upload a PHP script file instead of an image file, thus allowing a webshell or other malicious files to be stored and executed on the server. This attack vector exists in both the admin area and low-level user area. This vulnerability is fixed in 5.5.1 - 239."
    },
    {
      "lang": "es",
      "value": "ClipBucket V5 ofrece alojamiento de v\u00eddeo de c\u00f3digo abierto con PHP. Antes de la versi\u00f3n 5.5.1 - 239, exist\u00eda una vulnerabilidad de carga de archivos en la funci\u00f3n de gesti\u00f3n de listas de reproducci\u00f3n de la aplicaci\u00f3n, espec\u00edficamente relacionada con la carga de im\u00e1genes de portada de listas de reproducci\u00f3n. Sin las comprobaciones adecuadas, un atacante puede cargar un archivo de script PHP en lugar de un archivo de imagen, lo que permite almacenar y ejecutar un webshell u otros archivos maliciosos en el servidor. Este vector de ataque existe tanto en el \u00e1rea de administraci\u00f3n como en el \u00e1rea de usuario de bajo nivel. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 5.5.1 - 239."
    }
  ],
  "id": "CVE-2025-21624",
  "lastModified": "2025-09-05T16:28:26.290",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-01-07T16:15:40.853",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/MacWarrior/clipbucket-v5/commit/893bfb0f1236c4a59b5e2843ab8d27a1e491b12b"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-98vm-2xqm-xrcc"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-98vm-2xqm-xrcc"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-434"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.