Platform
redis
Component
cachecloud
Fixed in
3.0.1
3.1.1
3.2.1
A cross-site scripting (XSS) vulnerability, CVE-2025-15172, has been identified in SohuTV CacheCloud versions 3.0 through 3.2.0. The flaw is in the file preview functionality, with the affected code reported in RedisConfigTemplateController.java; it allows an attacker to inject script that is rendered in the browser of anyone who views the preview. A public exploit is available, which raises the likelihood of exploitation. The vulnerability is addressed in version 3.2.1.
Successful exploitation of CVE-2025-15172 lets an attacker run arbitrary JavaScript in the context of a victim's CacheCloud browser session. Possible outcomes include session hijacking, credential theft, defacement of the CacheCloud interface, performing actions in the console with the victim's privileges (including access to whatever data the console exposes), and redirecting the victim to an attacker-controlled site. The public exploit lowers the effort required; the risk is highest where the CacheCloud console is reachable by untrusted users or where its administrators can be lured into viewing attacker-supplied content.
A public proof-of-concept (PoC) for CVE-2025-15172 is available, so the barrier to entry for attackers is low. The vendor was contacted about the issue in advance but did not respond, which suggests the project may not be actively maintained. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog as of this writing.
EPSS
0.03% (9th percentile)
The primary mitigation for CVE-2025-15172 is to upgrade to SohuTV CacheCloud version 3.2.1 or later, which contains the fix. If an immediate upgrade is not feasible, make sure that template content shown by the file preview functionality is output-encoded for the HTML context it is rendered in (or served as plain text with MIME sniffing disabled); input validation and sanitization on their own are easy to bypass. A web application firewall (WAF) with rules that detect and block common XSS payloads can add a temporary layer of protection, but WAF rules are bypassable and should be reviewed and updated regularly.
Update CacheCloud to a version later than 3.2.0 that fixes the XSS vulnerability. If upgrading is not possible, review and filter the inputs handled by the RedisConfigTemplateController.java controller to prevent the injection of malicious code, and consider disabling the preview function until the fix is applied.
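The following is an added example, not code from CacheCloud or its maintainers, showing the unsafe pattern behind this bug class next to a hardened preview renderer. The class and method names, the sample template content and the header set are illustrative assumptions; the real RedisConfigTemplateController code is not reproduced here.

```java
// Added example (not CacheCloud's code): rendering a Redis config template
// preview without letting template content reach the browser as markup.
import java.util.LinkedHashMap;
import java.util.Map;

public final class SafePreview {

    // Minimal HTML entity encoder for text placed inside element content or a
    // double-quoted attribute. Encodes the five characters that can break out
    // of those contexts plus '/', which closes tags in some legacy parsers.
    static String escapeHtml(String s) {
        StringBuilder sb = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  sb.append("&amp;");  break;
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '"':  sb.append("&quot;"); break;
                case '\'': sb.append("&#39;");  break;
                case '/':  sb.append("&#47;");  break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    // Unsafe pattern (hypothetical, for contrast): template text concatenated
    // straight into the page. A template line such as
    //   # <img src=x onerror=alert(document.cookie)>
    // is rendered as markup, which is the shape of the bug class in the advisory.
    static String renderUnsafe(String templateName, String templateBody) {
        return "<h2>" + templateName + "</h2><pre>" + templateBody + "</pre>";
    }

    // Hardened pattern: every piece of user-influenced text is encoded for the
    // HTML context it lands in, so the browser sees text, not elements.
    static String renderSafe(String templateName, String templateBody) {
        return "<h2>" + escapeHtml(templateName) + "</h2><pre>"
             + escapeHtml(templateBody) + "</pre>";
    }

    // Headers for a raw (non-HTML) preview or download: declare the body as
    // plain text, forbid MIME sniffing, and deny script execution via CSP as
    // defence in depth in case another path still echoes template content.
    static Map<String, String> rawPreviewHeaders() {
        Map<String, String> h = new LinkedHashMap<>();
        h.put("Content-Type", "text/plain; charset=utf-8");
        h.put("X-Content-Type-Options", "nosniff");
        h.put("Content-Security-Policy", "default-src 'none'");
        h.put("Content-Disposition", "inline; filename=\"redis.conf\"");
        return h;
    }

    public static void main(String[] args) {
        // Constructed sample: a template name and body carrying XSS payloads.
        String name = "default<script>alert(1)</script>";
        String body = "maxmemory 1gb\n# <img src=x onerror=alert(document.cookie)>\n";
        System.out.println("unsafe: " + renderUnsafe(name, body));
        System.out.println("safe:   " + renderSafe(name, body));
        rawPreviewHeaders().forEach((k, v) -> System.out.println(k + ": " + v));
    }
}
```

Encoding at the output stage is the fix that holds regardless of how the template text entered the system (form field, import, database); filtering inputs, as the advisory suggests for a stop-gap, only helps for the paths you remember to filter. Serving the raw template as `text/plain` with `nosniff` is the simplest safe option when the preview does not need HTML formatting at all.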
CVE-2025-15172 is a cross-site scripting (XSS) vulnerability affecting SohuTV CacheCloud versions 3.0 through 3.2.0; it allows remote attackers to inject malicious scripts via the file preview function.
You are affected if you run any SohuTV CacheCloud version from 3.0 up to and including 3.2.0. Upgrade to 3.2.1 or later to remove the risk.
Upgrade to SohuTV CacheCloud version 3.2.1 or later. Output encoding in the preview path and WAF rules are temporary mitigations only.
A public proof-of-concept exists, which lowers the barrier to exploitation, although the EPSS score (0.03%) estimates a low near-term probability of exploitation in the wild. Monitor access logs for requests to the preview function that carry script payloads, and review stored templates for injected markup.
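An added example (not part of the advisory or of the CacheCloud project) of the log review suggested above: it scans constructed access-log lines for requests to the preview route that carry HTML/JavaScript injection markers, URL-decoding up to three times so that double-encoded payloads are not missed. The route `/admin/configTemplate/preview`, the marker list and the log lines are assumptions for illustration; substitute the preview route of your own deployment.

```java
// Added example (not CacheCloud's code): flag access-log requests to the
// preview route whose decoded query carries HTML/JS injection markers.
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public final class PreviewXssScan {

    // Combined-format request field: method, path+query, protocol, status.
    private static final Pattern REQUEST =
        Pattern.compile("\"(GET|POST) (\\S+) HTTP/[0-9.]+\" (\\d{3})");

    // Hypothetical preview endpoint; adjust to the real route.
    private static final String PREVIEW_ROUTE = "/admin/configTemplate/preview";

    // Markers that only make sense in an HTML/JS injection attempt.
    private static final Pattern XSS_MARKER = Pattern.compile(
        "<\\s*script|javascript\\s*:|on(error|load|click|mouseover|focus)\\s*=|<\\s*(img|svg|iframe)\\b",
        Pattern.CASE_INSENSITIVE);

    // Decode repeatedly (bounded) so that %253C is seen as '<' as well as %3C.
    static String fullyDecode(String s) {
        String cur = s;
        for (int i = 0; i < 3; i++) {
            String next;
            try {
                next = URLDecoder.decode(cur, StandardCharsets.UTF_8);
            } catch (IllegalArgumentException e) {
                return cur; // malformed escape such as %zz: keep what we have
            }
            if (next.equals(cur)) break;
            cur = next;
        }
        return cur;
    }

    // Returns the log lines that target the preview route with an XSS marker.
    static List<String> suspicious(List<String> logLines) {
        List<String> hits = new ArrayList<>();
        for (String line : logLines) {
            Matcher m = REQUEST.matcher(line);
            if (!m.find()) continue;
            String target = m.group(2);
            if (!target.startsWith(PREVIEW_ROUTE)) continue;
            if (XSS_MARKER.matcher(fullyDecode(target)).find()) hits.add(line);
        }
        return hits;
    }

    public static void main(String[] args) {
        // Constructed sample log lines (not from a real CacheCloud deployment).
        List<String> sample = List.of(
            "203.0.113.5 - - [10/Nov/2025:10:00:01 +0000] \"GET /admin/configTemplate/preview?type=redis&content=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1\" 200 512",
            "203.0.113.5 - - [10/Nov/2025:10:00:07 +0000] \"GET /admin/configTemplate/preview?type=redis&content=%253Cimg%2520src%253Dx%2520onerror%253Dalert(1)%253E HTTP/1.1\" 200 512",
            "198.51.100.9 - - [10/Nov/2025:10:01:00 +0000] \"GET /admin/configTemplate/preview?type=redis HTTP/1.1\" 200 4096",
            "198.51.100.9 - - [10/Nov/2025:10:01:30 +0000] \"GET /admin/app/list?search=%3Cscript%3E HTTP/1.1\" 200 2048"
        );
        // Expected: the first two lines are flagged (plain and double-encoded
        // payloads); the third has no payload; the fourth is a different route.
        for (String hit : suspicious(sample)) {
            System.out.println("SUSPICIOUS: " + hit);
        }
    }
}
```

Access logs only record the request line, so a payload submitted in a POST body or stored earlier through another form will not appear here; for those cases review the stored template records themselves for the same markers. Restricting the scan to the preview route keeps noise down, but a wider scan over all routes is a reasonable second pass once the preview route is clean.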
Refer to the SohuTV CacheCloud project's official website or GitHub repository for the latest security advisories and updates.