CVE-2025-21623

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions ClipBucket V5 versions prior to 5.5.1 - 238

Description The issue allows unauthenticated attackers to change the template directory via a directory traversal, resulting in a denial of service. ClipBucket V5 provides open source video hosting with PHP.

Recommendations For versions prior to 5.5.1 - 238, update to version 5.5.1 - 238 or later to resolve the issue. As a temporary workaround, consider restricting access to the template directory to prevent unauthorized changes.

Exploit

Fix

DoS

Missing Authentication

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306CWE-22

Related Identifiers

CVE-2025-21623

GHSA-FFHJ-HPRX-7QVR

Affected Products

Clipbucket

CVE-2025-21623

Weakness Enumeration

Related Identifiers

Affected Products

References · 7