CVE 9.8 CRITICAL

CVE-2025-67418_CVE-2025-67418

December 22, 2025 invoker category_cve

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the administrative panel using these default credentials, resulting in full administrative control of the application.

AI Analysis

Improper access control issue due to hardcoded default administrative credentials

Basic Information

ID CVE-2025-67418

Source mitre

Published Dec 22, 2025 at 00:00

Modified Dec 22, 2025 at 19:53

Affected Product

Vendor ClipBucket Team

Product ClipBucket

Version 5.5.2

Affected Versions n/a n/a n/a

CWE Classification

CWE-798

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor ClipBucket Team

Product ClipBucket

Version 5.5.2

References

{
    "lastseen": "",
    "description": "ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the administrative panel using these default credentials, resulting in full administrative control of the application.",
    "published": "2025-12-22T00:00:00.000Z",
    "modified": "2025-12-22T19:53:45.499Z",
    "type": "cve",
    "title": "CVE-2025-67418",
    "source": "mitre",
    "references": "http://clipbucket.com\nhttps://medium.com/@arpit03sharma2003/cve-2025-67418-when-default-credentials-become-a-remote-root-button-03be5ee4b927",
    "id": "CVE-2025-67418",
    "bulletinFamily": "",
    "cwe": [
        "CWE-798"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "ClipBucket",
    "version": "5.5.2",
    "vendor": "ClipBucket Team",
    "ai_description": "Improper access control issue due to hardcoded default administrative credentials",
    "ai_severity": "Critical",
    "ai_vendor": "ClipBucket Team",
    "ai_product": "ClipBucket",
    "ai_version": "5.5.2",
    "ai_score": 9.8
}

💭 Join the Security Discussion ❌ Cancel Reply