CVE-2025-67418
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk35th percentile - higher than 35% of all known CVEs
Summary
ClipBucket 5.5.2 is shipped with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the admin panel, gaining full administrative control of the application.
Risk Assessment
The risk is that an unauthorized attacker can take full control of the application, potentially leading to data theft, content manipulation, or further attacks on the infrastructure.
Recommendation
Immediately change the default administrative credentials to a unique, strong password. Consider implementing additional authentication mechanisms such as MFA.
Original NVD description (English source)
ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the administrative panel using these default credentials, resulting in full administrative control of the application.

