CVE-2025-21623

7.5 HIGH

📋 TL;DR

This vulnerability in ClipBucket V5 allows unauthenticated attackers to perform directory traversal attacks to change the template directory, leading to denial of service. All ClipBucket V5 installations prior to version 5.5.1-238 are affected. The attack requires no authentication and can be executed remotely.

💻 Affected Systems

Products:
  • ClipBucket V5
Versions: All versions prior to 5.5.1-238
Operating Systems: All operating systems running PHP
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations are vulnerable. The vulnerability exists in the template directory handling mechanism.

📦 What is this software?

ClipBucket V5 is a self-hosted, PHP-based video hosting platform; its source code and security advisories are published on GitHub (MacWarrior/clipbucket-v5).

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete service disruption making the video hosting platform unavailable to all users, potentially requiring manual intervention to restore functionality.

🟠 Likely Case

Temporary denial of service affecting website availability, requiring an administrator to restore the proper template configuration.

🟢 If Mitigated

Minimal impact: with proper input validation and access controls in place, directory traversal attempts are rejected before the template directory can be changed.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability requires no authentication and directory traversal attacks are relatively simple to execute.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.5.1-238 or later

Vendor Advisory: https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-ffhj-hprx-7qvr

Restart Required: No

Instructions:

1. Back up your current installation (files and database).
2. Download the latest version from the official repository.
3. Replace the vulnerable files with the patched versions.
4. Verify the fix by checking that the reported version is 5.5.1-238 or later.

🔧 Temporary Workarounds

Input Validation Filter (applies to: all platforms)

Implement strict input validation on template-related parameters: accept only an allow-listed template name (letters, digits, underscore, hyphen), reject any value containing a path separator or "..", and resolve the result to confirm it still lies under the templates directory before using it.
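The following is an added illustration of the pattern this workaround describes; it is not ClipBucket's own code, and the function names, the `templates` directory layout and the sample inputs are assumptions. It shows a template selection that concatenates user input into a filesystem path next to a hardened version that allow-lists the name and verifies the resolved path stays inside the templates root.

```php
<?php
// Added example, not ClipBucket code. Function names and the directory
// layout are hypothetical; the pattern is the one the workaround describes.

// --- Vulnerable pattern: user input is concatenated into a filesystem path. ---
// A value such as "../../tmp" escapes the templates root, so the application
// gets pointed at a directory that holds no templates and can no longer render.
function select_template_vulnerable(string $templatesRoot, string $requested): string
{
    return $templatesRoot . '/' . $requested;
}

// --- Hardened pattern ---
// 1. Syntactic allow-list: a plain directory name, no separators and no dots.
// 2. Resolve the path and verify it is still inside the templates root.
// 3. Require the directory to exist, so only deployed templates are selectable.
function select_template_safe(string $templatesRoot, string $requested): ?string
{
    if (!preg_match('/^[A-Za-z0-9_-]{1,64}$/', $requested)) {
        return null; // rejects "../", "..\", empty strings, null bytes, etc.
    }

    $root = realpath($templatesRoot);
    $candidate = realpath($templatesRoot . DIRECTORY_SEPARATOR . $requested);
    if ($root === false || $candidate === false || !is_dir($candidate)) {
        return null; // unknown template: caller keeps the current one
    }

    // Containment check (defence in depth against symlinks inside the root):
    // the resolved path must begin with root + separator.
    if (strncmp($candidate, $root . DIRECTORY_SEPARATOR, strlen($root) + 1) !== 0) {
        return null;
    }
    return $candidate;
}

// Self-contained demo on a temporary templates tree (constructed sample data).
$tmp = sys_get_temp_dir() . '/tpl_demo_' . bin2hex(random_bytes(4));
mkdir("$tmp/templates/default", 0700, true);
mkdir("$tmp/templates/dark", 0700, true);
mkdir("$tmp/outside", 0700, true);

$root = "$tmp/templates";
$inputs = ['default', 'dark', '../outside', '..%2F..%2Foutside', 'missing', ''];

foreach ($inputs as $in) {
    $decoded = urldecode($in); // PHP decodes the query string before $_GET; simulate that
    printf("%-22s vulnerable=%-45s safe=%s\n",
        var_export($in, true),
        select_template_vulnerable($root, $decoded),
        var_export(select_template_safe($root, $decoded), true));
}

// Cleanup of the demo tree.
foreach (['templates/default', 'templates/dark', 'templates', 'outside'] as $d) {
    rmdir("$tmp/$d");
}
rmdir($tmp);
```

Run it with `php` on the command line: the vulnerable function happily returns a path outside the templates root for the traversal inputs, while the hardened one returns `NULL` for everything except `default` and `dark`. The regex alone already stops traversal; the `realpath` containment check is there so a symlink planted under the templates directory cannot redirect the selection elsewhere.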

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block directory traversal patterns
  • Restrict network access to the ClipBucket application to trusted sources only

🔍 How to Verify

Check if Vulnerable:

Check if your ClipBucket version is earlier than 5.5.1-238 by examining the version file or admin panel

Check Version:

Check the version.php file or admin panel system information

Verify Fix Applied:

Verify the version is 5.5.1-238 or later and test template directory functionality

📡 Detection & Monitoring

Log Indicators:

  • Unusual template directory change requests
  • Directory traversal patterns in HTTP requests
  • Multiple failed template loading attempts

Network Indicators:

  • HTTP requests containing '../' sequences in template parameters
  • Unusual spikes in error responses from the application

SIEM Query:

source="web_server" AND (uri="*../*" OR params="*../*") AND dest="clipbucket_host"

Treat this as pseudo-syntax to adapt to your SIEM, and match on the URL-decoded request as well as the raw one: a literal "../" wildcard misses "..%2F", "%2e%2e/" and double-encoded forms such as "%252e%252e%252f".
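As an added example (not part of this advisory or of ClipBucket), the script below applies the detection idea from the indicators above to constructed access-log lines: it extracts the request line, percent-decodes parameter values repeatedly so single- and double-encoded traversal both normalize to "../", and flags only the watched template parameters. The parameter names `template` and `template_dir` are assumptions, as are the log lines.

```php
<?php
// Added example, not from the advisory or ClipBucket. Log lines are constructed
// and the watched parameter names are assumptions.

// Percent-decode repeatedly (bounded) so "..%2F" and "%252e%252e%252f" both
// normalize to "../"; also fold backslashes to forward slashes.
function normalize_path_input(string $value): string
{
    for ($i = 0; $i < 3; $i++) {
        $decoded = rawurldecode($value);
        if ($decoded === $value) {
            break;
        }
        $value = $decoded;
    }
    return str_replace('\\', '/', $value);
}

// A value is a traversal attempt if, after normalization, any segment is "..".
function is_traversal(string $value): bool
{
    foreach (explode('/', normalize_path_input($value)) as $segment) {
        if ($segment === '..') {
            return true;
        }
    }
    return false;
}

// Parse the request line of an NCSA/combined access-log entry and return the
// names of watched parameters carrying a traversal payload (empty if none).
function flag_traversal(string $logLine, array $watchedParams): array
{
    if (!preg_match('/"(?:GET|POST|HEAD) (\S+) HTTP\/[\d.]+"/', $logLine, $m)) {
        return [];
    }
    $query = parse_url($m[1], PHP_URL_QUERY);
    if (!is_string($query)) {
        return [];
    }
    // Split by hand rather than with parse_str(): parse_str() decodes values once,
    // and we want the raw encoding so double-encoding is handled consistently.
    $hits = [];
    foreach (explode('&', $query) as $pair) {
        [$name, $value] = array_pad(explode('=', $pair, 2), 2, '');
        $name = rawurldecode($name);
        if (in_array($name, $watchedParams, true) && is_traversal($value)) {
            $hits[] = $name;
        }
    }
    return $hits;
}

// Constructed sample log lines (not real traffic).
$lines = [
    '203.0.113.5 - - [10/Jan/2025:10:00:01 +0000] "GET /index.php?template=dark HTTP/1.1" 200 5120',
    '203.0.113.5 - - [10/Jan/2025:10:00:02 +0000] "GET /index.php?template=../../tmp HTTP/1.1" 200 0',
    '203.0.113.5 - - [10/Jan/2025:10:00:03 +0000] "GET /index.php?template=..%2F..%2Ftmp HTTP/1.1" 200 0',
    '203.0.113.5 - - [10/Jan/2025:10:00:04 +0000] "GET /index.php?template=%252e%252e%252ftmp HTTP/1.1" 200 0',
    '203.0.113.5 - - [10/Jan/2025:10:00:05 +0000] "GET /search.php?q=..%2Fwhatever HTTP/1.1" 200 800',
];

foreach ($lines as $line) {
    $hits = flag_traversal($line, ['template', 'template_dir']);
    echo ($hits ? 'ALERT ' . implode(',', $hits) : 'ok   ') . '  ' . $line . "\n";
}
```

Lines two to four are flagged (plain, single-encoded and double-encoded traversal in the `template` parameter); the first and last are not, the last because the traversal sits in a parameter that is not template-related. Pointing the script at a real access log is a matter of reading lines from the file instead of the embedded array.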

🔗 References

  • Vendor advisory (GHSA-ffhj-hprx-7qvr): https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-ffhj-hprx-7qvr