Plateforme
php
Composant
clipbucket-v5
Corrigé dans
5.5.3
CVE-2026-21875 describes a critical SQL Injection vulnerability discovered in ClipBucket v5, an open-source video sharing platform. This flaw allows attackers to inject malicious SQL code through the add comment section of a channel, potentially leading to unauthorized data access and manipulation. Versions 5.5.2-#187 and earlier are affected, and a patch is available in version 5.5.3.
The SQL Injection vulnerability in ClipBucket allows an attacker to bypass authentication and execute arbitrary SQL queries against the database. This could lead to the extraction of sensitive information such as user credentials, video metadata, and potentially even the entire database contents. Successful exploitation could also allow an attacker to modify or delete data, leading to denial of service or further compromise of the system. The blind nature of the injection means attackers may need to perform multiple requests to extract data, but the potential impact remains significant.
This vulnerability was publicly disclosed on 2026-01-07. While no active exploitation campaigns have been publicly reported, the CRITICAL severity and ease of exploitation suggest a high probability of exploitation. No Proof of Concept (PoC) code has been publicly released as of this writing, but the vulnerability's nature makes it likely that one will emerge. It is not currently listed on the CISA KEV catalog.
Organizations and individuals using ClipBucket v5.5.2-#187 or earlier, particularly those hosting the platform on shared hosting environments or without robust security measures in place, are at significant risk. Sites with publicly accessible comment sections are especially vulnerable.
• php: Examine application logs for SQL errors or unusual database queries originating from the /actions/ajax.php endpoint.
grep -i "SQL error" /var/log/apache2/error.log | grep "/actions/ajax.php" • php: Check for modifications to the upload/includes/classes/user.class.php file, particularly the user_exists function.
diff /path/to/upload/includes/classes/user.class.php /path/to/backup/upload/includes/classes/user.class.php• generic web: Monitor for unusual POST requests to /actions/ajax.php with potentially malicious obj_id parameters. Use a WAF or intrusion detection system to identify and block these requests.
disclosure
Statut de l'Exploit
EPSS
0.05% (percentile 14%)
CISA SSVC
Vecteur CVSS
The primary mitigation for CVE-2026-21875 is to immediately upgrade ClipBucket to version 5.5.3 or later, which contains the fix. If upgrading is not immediately possible, consider implementing a Web Application Firewall (WAF) rule to filter out suspicious SQL injection attempts targeting the /actions/ajax.php endpoint, specifically focusing on the obj_id parameter. Input validation and sanitization on the server-side can also help reduce the attack surface. Monitor application logs for unusual database activity.
Actualice ClipBucket a una versión posterior a 5.5.2-#187 cuando haya una disponible. Dado que no hay una solución disponible al momento de la publicación, considere implementar medidas de seguridad adicionales, como la validación y sanitización de entradas, para mitigar el riesgo de inyección SQL hasta que se publique una actualización.
Analyses de vulnérabilités et alertes critiques directement dans votre boîte mail.
CVE-2026-21875 is a critical SQL Injection vulnerability affecting ClipBucket video sharing platform versions 5.5.2-#187 and earlier, allowing attackers to inject malicious SQL code.
You are affected if you are running ClipBucket version 5.5.2-#187 or earlier. Upgrade to version 5.5.3 or later to resolve the vulnerability.
The recommended fix is to upgrade ClipBucket to version 5.5.3 or later. As a temporary workaround, implement a WAF rule to filter malicious SQL injection attempts.
While no active exploitation campaigns have been publicly confirmed, the vulnerability's severity and ease of exploitation suggest a high probability of exploitation.
Refer to the ClipBucket project's official website or security advisories for the latest information and updates regarding CVE-2026-21875.
Téléverse ton fichier de dépendances et découvre instantanément si cette CVE et d'autres te touchent.