Platform
redis
Component
cachecloud
Fixed in
3.0.1
3.1.1
3.2.1
A cross-site scripting (XSS) vulnerability has been identified in SohuTV CacheCloud versions 3.0 through 3.2.0. This flaw resides within the file preview functionality, allowing attackers to inject malicious scripts into the application. A public exploit is available, indicating a heightened risk of exploitation. The vulnerability is addressed in version 3.2.1.
Successful exploitation of CVE-2025-15172 allows an attacker to execute arbitrary JavaScript code within the context of a victim's browser session. This can lead to various malicious outcomes, including session hijacking, credential theft, and defacement of the CacheCloud interface. The attacker could potentially gain access to sensitive data stored within the CacheCloud system or redirect users to malicious websites. Given the public availability of an exploit, the potential for widespread exploitation is significant, particularly in environments where CacheCloud is exposed to untrusted user input.
A public proof-of-concept (PoC) for CVE-2025-15172 is available, indicating a relatively low barrier to entry for attackers. The vulnerability was reported to the project on an earlier date, but no response has been received, suggesting a potential lack of active maintenance. The vulnerability is not currently listed on CISA KEV as of this writing.
Organizations utilizing SohuTV CacheCloud for caching and content delivery, particularly those running versions 3.0 through 3.2.0, are at risk. Shared hosting environments where CacheCloud is deployed alongside other applications are also vulnerable, as a successful exploit could potentially impact other tenants.
• redis:
  INFO
  Check the CacheCloud version reported by redis-cli INFO. If it is below 3.2.1, the system is vulnerable.
• generic web:
  curl -I <cachecloud_url>/file_preview?file=<malicious_script>
  Inspect the response headers and body for signs of script execution or unexpected behavior.
• generic web:
  grep -r 'src/main/java/com/sohu/cache/web/controller/RedisConfigTemplateController.java' /var/log/apache2/access.log
  Look for access log entries related to the vulnerable controller, potentially indicating exploitation attempts.
disclosure
poc
Exploit status
EPSS
0.03% (9th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-15172 is to upgrade to SohuTV CacheCloud version 3.2.1 or later, which contains the fix. If an immediate upgrade is not feasible, consider implementing input validation and sanitization on the file preview functionality to prevent the injection of malicious scripts. Web application firewalls (WAFs) configured to detect and block XSS payloads can also provide a temporary layer of protection. Regularly review and update your WAF rules to ensure they are effective against emerging threats.
Upgrade CacheCloud to a version later than 3.2.0 that fixes the XSS vulnerability. If no such version is available, review and filter the inputs handled by the RedisConfigTemplateController.java controller to prevent the injection of malicious code. Consider disabling the preview function until a fix is applied.
CVE-2025-15172 is a cross-site scripting (XSS) vulnerability affecting SohuTV CacheCloud versions 3.0–3.2.0, allowing remote attackers to inject malicious scripts via the file preview function.
You are affected if you are running SohuTV CacheCloud versions 3.0, 3.1, or 3.2.0. Upgrade to 3.2.1 or later to mitigate the risk.
Upgrade to SohuTV CacheCloud version 3.2.1 or later. Consider implementing input validation and WAF rules as temporary mitigations.
A public exploit exists, indicating a high probability of active exploitation. Monitor your systems for suspicious activity.
Refer to the SohuTV CacheCloud project's official website or GitHub repository for the latest security advisories and updates.