{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-49148", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-06-02T10:39:41.635Z", "datePublished": "2025-06-11T14:53:48.591Z", "dateUpdated": "2025-06-11T15:05:08.241Z"}, "containers": {"cna": {"title": "ClipShare Server Allows Local Privilege Escalation via DLL Hijacking", "problemTypes": [{"descriptions": [{"cweId": "CWE-427", "lang": "en", "description": "CWE-427: Uncontrolled Search Path Element", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/thevindu-w/clip_share_server/security/advisories/GHSA-rc47-h83g-2r8j", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/thevindu-w/clip_share_server/security/advisories/GHSA-rc47-h83g-2r8j"}], "affected": [{"vendor": "thevindu-w", "product": "clip_share_server", "versions": [{"version": "< 3.8.5", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-06-11T14:53:48.591Z"}, "descriptions": [{"lang": "en", "value": "ClipShare is a lightweight and cross-platform tool for clipboard sharing. Prior to 3.8.5, ClipShare Server for Windows uses the default Windows DLL search order and loads system libraries like CRYPTBASE.dll and WindowsCodecs.dll from its own directory before the system path. A local, non-privileged user who can write to the folder containing clip_share.exe can place malicious DLLs there, leading to arbitrary code execution in the context of the server, and, if launched by an Administrator (or another elevated user), it results in a reliable local privilege escalation. This vulnerability is fixed in 3.8.5."}], "source": {"advisory": "GHSA-rc47-h83g-2r8j", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-11T15:04:46.497749Z", "id": "CVE-2025-49148", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-11T15:05:08.241Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-49148", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-06-11T15:04:46.497749Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-11T15:04:49.788Z"}}], "cna": {"title": "ClipShare Server Allows Local Privilege Escalation via DLL Hijacking", "source": {"advisory": "GHSA-rc47-h83g-2r8j", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "thevindu-w", "product": "clip_share_server", "versions": [{"status": "affected", "version": "< 3.8.5"}]}], "references": [{"url": "https://github.com/thevindu-w/clip_share_server/security/advisories/GHSA-rc47-h83g-2r8j", "name": "https://github.com/thevindu-w/clip_share_server/security/advisories/GHSA-rc47-h83g-2r8j", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "ClipShare is a lightweight and cross-platform tool for clipboard sharing. Prior to 3.8.5, ClipShare Server for Windows uses the default Windows DLL search order and loads system libraries like CRYPTBASE.dll and WindowsCodecs.dll from its own directory before the system path. A local, non-privileged user who can write to the folder containing clip_share.exe can place malicious DLLs there, leading to arbitrary code execution in the context of the server, and, if launched by an Administrator (or another elevated user), it results in a reliable local privilege escalation. This vulnerability is fixed in 3.8.5."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-427", "description": "CWE-427: Uncontrolled Search Path Element"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-06-11T14:53:48.591Z"}}}, "cveMetadata": {"cveId": "CVE-2025-49148", "state": "PUBLISHED", "dateUpdated": "2025-06-11T15:05:08.241Z", "dateReserved": "2025-06-02T10:39:41.635Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-06-11T14:53:48.591Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "ClipShare is a lightweight and cross-platform tool for clipboard sharing. Prior to 3.8.5, ClipShare Server for Windows uses the default Windows DLL search order and loads system libraries like CRYPTBASE.dll and WindowsCodecs.dll from its own directory before the system path. A local, non-privileged user who can write to the folder containing clip_share.exe can place malicious DLLs there, leading to arbitrary code execution in the context of the server, and, if launched by an Administrator (or another elevated user), it results in a reliable local privilege escalation. This vulnerability is fixed in 3.8.5."}, {"lang": "es", "value": "ClipShare es una herramienta ligera y multiplataforma para compartir el portapapeles. Antes de la versi\u00f3n 3.8.5, ClipShare Server para Windows utilizaba el orden de b\u00fasqueda predeterminado de DLL de Windows y cargaba librer\u00edas del sistema como CRYPTBASE.dll y WindowsCodecs.dll desde su propio directorio antes de la ruta del sistema. Un usuario local sin privilegios que pudiera escribir en la carpeta que contiene clip_share.exe podr\u00eda colocar all\u00ed DLL maliciosas, lo que provocar\u00eda la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del servidor y, si la ejecutaba un administrador (u otro usuario con privilegios elevados), provocar\u00eda una escalada de privilegios local fiable. Esta vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 3.8.5."}], "id": "CVE-2025-49148", "lastModified": "2025-06-12T16:06:20.180", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2025-06-11T15:15:43.043", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/thevindu-w/clip_share_server/security/advisories/GHSA-rc47-h83g-2r8j"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-427"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}