Platform: java
Component: cachecloud
Fixed in: 3.0.1, 3.1.1, 3.2.1
CVE-2025-15173 describes a cross-site scripting (XSS) vulnerability affecting SohuTV CacheCloud versions 3.0 through 3.2.0. This flaw resides within the advancedAnalysis function of the InstanceController.java file, allowing remote attackers to inject malicious scripts. A public exploit is available, highlighting the potential for immediate exploitation. The vulnerability has been reported to the project, but no response has been received.
Successful exploitation of CVE-2025-15173 allows an attacker to inject arbitrary JavaScript code into the web application. This can lead to various malicious outcomes, including session hijacking, defacement of the CacheCloud interface, and redirection of users to phishing sites. The attacker could potentially steal sensitive information, such as user credentials or API keys, if they are handled within the application. Given the public availability of an exploit, the risk of immediate exploitation is significant. The blast radius extends to any user interacting with the vulnerable CacheCloud instance.
CVE-2025-15173 has been publicly disclosed and a proof-of-concept exploit is available, indicating a high probability of exploitation. The vulnerability is not currently listed on the CISA KEV catalog. The lack of a response from the project raises concerns about the timeliness of future security updates.
Exploit Status
EPSS: 0.03% (9th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-15173 is to upgrade to version 3.2.1 or later, which contains the fix. If upgrading is not immediately feasible, consider implementing input validation and output encoding on user-supplied data within the advancedAnalysis function. Web application firewalls (WAFs) configured to detect and block XSS payloads can provide an additional layer of defense. Monitor access logs for suspicious requests containing JavaScript code or unusual URL parameters. After upgrading, confirm the fix by attempting to trigger the vulnerable endpoint with a known malicious payload and verifying that the script is not executed.
Update CacheCloud to a version later than 3.2.0 that fixes the XSS vulnerability. If no version is available, review and filter user inputs in the advancedAnalysis function of the InstanceController.java file to prevent the injection of malicious code.
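The two mitigations above (allow-list validation of the user-supplied value and HTML output encoding before it is written into the response) are illustrated below. This is an added example, not code from CacheCloud or from InstanceController.java; the parameter name instanceId, the expected numeric format, and the markup are assumptions, since the page does not state what advancedAnalysis actually reads.

```java
import java.util.regex.Pattern;

/**
 * Hypothetical illustration of validating and encoding a reflected request
 * parameter before it is rendered into HTML. Not the project's own code.
 */
public final class XssMitigationExample {

    // Contextual HTML encoding for element content and quoted attribute values:
    // the five characters below are the ones that can terminate the current
    // context and let attacker-controlled text be parsed as markup or script.
    static String htmlEncode(String s) {
        if (s == null) {
            return "";
        }
        StringBuilder sb = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '&':  sb.append("&amp;");  break;
                case '"':  sb.append("&quot;"); break;
                case '\'': sb.append("&#x27;"); break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    // Allow-list validation (assumption: an instance id is a short decimal number).
    static final Pattern INSTANCE_ID = Pattern.compile("^[0-9]{1,10}$");

    // BEFORE: the raw parameter is concatenated straight into the page.
    static String renderVulnerable(String instanceId) {
        return "<h2>Advanced analysis for instance " + instanceId + "</h2>";
    }

    // AFTER: reject anything outside the expected format, then encode what is rendered.
    static String renderHardened(String instanceId) {
        if (instanceId == null || !INSTANCE_ID.matcher(instanceId).matches()) {
            throw new IllegalArgumentException("invalid instance id");
        }
        return "<h2>Advanced analysis for instance " + htmlEncode(instanceId) + "</h2>";
    }

    public static void main(String[] args) {
        // Constructed probe value used only to confirm that markup is neutralised.
        String probe = "<script>probe</script>";

        System.out.println(renderVulnerable(probe));   // markup passes through unchanged
        try {
            renderHardened(probe);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
        System.out.println(renderHardened("42"));

        // Post-fix check: the encoded form must contain no raw '<' or '>'.
        String encoded = htmlEncode(probe);
        if (encoded.contains("<") || encoded.contains(">")) {
            throw new AssertionError("encoding failed: " + encoded);
        }
        System.out.println("encoded: " + encoded);
    }
}
```

The validation step is the stronger control where the parameter has a known shape; the encoding step is what protects the response when free-form text must be reflected. Both belong on the server side; a WAF rule in front of the endpoint is a supplementary layer, not a substitute for either.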
CVE-2025-15173 is a cross-site scripting (XSS) vulnerability in SohuTV CacheCloud versions 3.0-3.2.0, allowing remote attackers to inject malicious scripts.
Yes, if you are using SohuTV CacheCloud versions 3.0, 3.1, or 3.2.0, you are vulnerable to this XSS attack.
Upgrade to version 3.2.1 or later to resolve the vulnerability. Consider input validation and WAF rules as temporary mitigations.
Yes, a public exploit is available, indicating a high probability of active exploitation.
As of this writing, no official advisory has been published by SohuTV. Monitor their website and security mailing lists for updates.