CVE Catalog

CVE-2025-67418

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.44%

35th percentile - higher than 35% of all known CVEs

Summary

ClipBucket 5.5.2 is shipped with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the admin panel, gaining full administrative control of the application.

Risk Assessment

The risk is that an unauthorized attacker can take full control of the application, potentially leading to data theft, content manipulation, or further attacks on the infrastructure.

Recommendation

Immediately change the default administrative credentials to a unique, strong password. Consider implementing additional authentication mechanisms such as MFA.

Original NVD description (English source)

ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the administrative panel using these default credentials, resulting in full administrative control of the application.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS