CVE-2025-67418

Critical CVSS: 9.8

ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the administrative panel using these default credentials, resulting in full administrative control of the application.

Vendor

Oxygenz

Product

Clipbucket

CWE

CWE-798

Yayın Tarihi

2025-12-22 20:15:45

Güncelleme

2026-01-02 17:39:50

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-798 Clipbucket CRITICAL Oxygenz 2025

Referanslar

http://clipbucket.com https://medium.com/@arpit03sharma2003/cve-2025-67418-when-default-credentials-become-a-remote-root-button-03be5ee4b927

Benzer Kayıtlar

High

CVE-2026-32321

ClipBucket v5 is an open source video sharing platform. An authenticated time-based blind SQL injection vulnerability ex…

Medium

CVE-2026-28354

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 #59, collection item operations are vulne…

Low

CVE-2026-26997

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 #59, a normal authenticated user can stor…

Medium

CVE-2026-26005

ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - #45, in Clip Bucket V5, The Remote Play allows…

Critical

CVE-2026-25728

ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - #40, a Time-of-Check to Time-of-Use (TOCTOU) ra…

Critical

CVE-2026-21875

ClipBucket v5 is an open source video sharing platform. Versions 5.5.2-#187 and below allow an attacker to perform Blind…