← voltar
CVE-2025-67418

CVE-2025-67418

CVSS 9.8 CRITICALEPSS 0.6%CWE-798
Vexday Risk Score
28Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 9.8EPSS 0.6%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
22 dez 2025Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the administrative panel using these default credentials, resulting in full administrative control of the application.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://clipbucket.comhttps://medium.com/@arpit03sharma2003/cve-2025-67418-when-default-credentials-become-a-remote-root-button-03be5ee4b927