Platform: java
Component: cachecloud
Fixed in: 3.0.1, 3.1.1, 3.2.1
CVE-2025-15174 describes a cross-site scripting (XSS) vulnerability affecting SohuTV CacheCloud versions 3.0 through 3.2.0. This vulnerability allows attackers to inject malicious scripts into the application, potentially leading to data theft or session hijacking. The issue resides within the doAppAuditList function of the AppManageController.java file. A patch is available in version 3.2.1.
Successful exploitation of CVE-2025-15174 allows an attacker to execute arbitrary JavaScript code within the context of a user's browser session. This can be leveraged to steal sensitive information like cookies, session tokens, and user credentials. An attacker could also redirect users to malicious websites or deface the application. Given the publicly disclosed nature of the exploit, the risk of exploitation is elevated, particularly if systems are not promptly patched. The impact is amplified if CacheCloud is integrated with other systems, potentially enabling lateral movement within the network.
CVE-2025-15174 was publicly disclosed on 2025-12-29. A proof-of-concept exploit is publicly available, indicating a relatively low barrier to entry for attackers. The vulnerability has been added to the CISA KEV catalog, signifying a heightened risk. Given the public availability of the exploit and the lack of a response from the project, active exploitation is considered probable.
Organizations running SohuTV CacheCloud in production environments, particularly those with publicly accessible instances or those that integrate CacheCloud with other sensitive systems, are at risk. Shared hosting environments where multiple users share the same CacheCloud instance are also particularly vulnerable, as an attacker could potentially exploit the vulnerability to target other users.
• java / server: Monitor application logs for suspicious requests targeting the doAppAuditList endpoint. Look for unusual characters or patterns indicative of XSS payloads (the alternation in the pattern needs extended regex, hence -E).
  grep -Ei 'script|onload|onerror' /var/log/cachecloud/app.log
• generic web: Use curl to test the doAppAuditList endpoint with various payloads to identify potential XSS vulnerabilities.
  curl -X POST -d '<script>alert("XSS")</script>' https://your-cachecloud-instance/app/auditList
• generic web: Examine response headers for the presence of Content Security Policy (CSP) directives. A strong CSP can mitigate the impact of XSS vulnerabilities.
  curl -I https://your-cachecloud-instance/app/auditList
Exploit status: disclosure, poc, kev
EPSS: 0.03% (percentile 9%)
CISA SSVC:
CVSS vector:
The primary mitigation for CVE-2025-15174 is to upgrade SohuTV CacheCloud to version 3.2.1 or later, which contains the fix. If immediate upgrading is not feasible, consider implementing input validation and output encoding on the doAppAuditList endpoint to sanitize user-supplied data. Web application firewalls (WAFs) configured to detect and block XSS payloads can also provide a temporary layer of protection. Thoroughly review and update any custom code interacting with the doAppAuditList function to ensure proper sanitization.
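The following is an added example, not CacheCloud's own code, of the interim workaround named above: allowlist validation of the request parameter and HTML output encoding of every value written into the audit-list page. The class, method and field names (AuditListRendering, AuditRow, renderRowSafe, validateFilter) are hypothetical and do not reproduce the real doAppAuditList implementation; it assumes Java 17 or later and no framework dependencies.

```java
import java.util.List;
import java.util.regex.Pattern;

/**
 * Added example (not project code): shows the difference between concatenating
 * user-influenced text straight into HTML and encoding it for its context, plus
 * an allowlist check on the request parameter. Names here are hypothetical.
 */
public class AuditListRendering {

    // Hypothetical shape of one audit row; "name" is the user-influenced field.
    public record AuditRow(long appId, String name, String status) {}

    // Minimal HTML escaping for text placed in an element body or a
    // double-quoted attribute: the five characters that can break out of
    // either context are replaced with entities.
    public static String escapeHtml(String s) {
        if (s == null) return "";
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&' -> out.append("&amp;");
                case '<' -> out.append("&lt;");
                case '>' -> out.append("&gt;");
                case '"' -> out.append("&quot;");
                case '\'' -> out.append("&#x27;");
                default -> out.append(c);
            }
        }
        return out.toString();
    }

    // Input validation: the list filter is restricted to an allowlist
    // (alphanumerics, dot, underscore, hyphen, at most 64 characters) and
    // rejected before it reaches the query or the view.
    private static final Pattern SAFE_FILTER = Pattern.compile("^[A-Za-z0-9._-]{0,64}$");

    public static String validateFilter(String filter) {
        if (filter == null) return "";
        if (!SAFE_FILTER.matcher(filter).matches()) {
            throw new IllegalArgumentException("rejected filter value");
        }
        return filter;
    }

    // Vulnerable pattern: attacker-controlled text concatenated into HTML unchanged.
    public static String renderRowUnsafe(AuditRow row) {
        return "<tr><td>" + row.appId() + "</td><td>" + row.name()
             + "</td><td>" + row.status() + "</td></tr>";
    }

    // Hardened pattern: every dynamic string is encoded for the HTML context it lands in.
    public static String renderRowSafe(AuditRow row) {
        return "<tr><td>" + row.appId() + "</td><td>" + escapeHtml(row.name())
             + "</td><td>" + escapeHtml(row.status()) + "</td></tr>";
    }

    // Whole table: validated filter echoed into an attribute (still encoded),
    // rows rendered through the safe path.
    public static String renderTable(List<AuditRow> rows, String filter) {
        String f = validateFilter(filter);
        StringBuilder html = new StringBuilder("<table data-filter=\"" + escapeHtml(f) + "\">");
        for (AuditRow r : rows) html.append(renderRowSafe(r));
        return html.append("</table>").toString();
    }

    public static void main(String[] args) {
        // Constructed sample: an application name carrying a script payload.
        AuditRow row = new AuditRow(42, "<script>alert(1)</script>", "pending");
        System.out.println("unsafe: " + renderRowUnsafe(row));
        System.out.println("safe:   " + renderRowSafe(row));
        System.out.println(renderTable(List.of(row), "app-42"));
        try {
            validateFilter("x\" onmouseover=\"alert(1)");
        } catch (IllegalArgumentException e) {
            System.out.println("filter rejected: " + e.getMessage());
        }
    }
}
```

In a real deployment the hand-written escapeHtml would be replaced by a maintained encoder such as the OWASP Java Encoder (Encode.forHtml, Encode.forHtmlAttribute), and the same encoding step belongs in the template layer so that no view can bypass it; the validation pattern is an assumption about what a filter value legitimately looks like and has to be adjusted to the field's real format.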
Update CacheCloud to a version later than 3.2.0 that fixes the XSS vulnerability. If no such version is available, review and sanitize user input in the doAppAuditList function of the AppManageController.java file to prevent malicious code injection.
CVE-2025-15174 is a cross-site scripting (XSS) vulnerability in SohuTV CacheCloud versions 3.0-3.2.0, allowing attackers to inject malicious scripts and potentially steal user data.
If you are running SohuTV CacheCloud versions 3.0, 3.1, or 3.2.0, you are potentially affected by this vulnerability.
Upgrade SohuTV CacheCloud to version 3.2.1 or later to resolve the vulnerability. Implement input validation and output encoding as a temporary workaround.
Due to the public availability of a proof-of-concept exploit and its addition to the CISA KEV catalog, active exploitation is considered probable.
Refer to the SohuTV CacheCloud project's official website or communication channels for the latest advisory regarding CVE-2025-15174.