CVE-2025-49148

ClipShare is a lightweight and cross-platform tool for clipboard sharing. Prior to 3.8.5, ClipShare Server for Windows uses the default Windows DLL search order and loads system libraries like CRYPTBASE.dll and WindowsCodecs.dll from its own directory before the system path. A local, non-privileged user who can write to the folder containing clip_share.exe can place malicious DLLs there, leading to arbitrary code execution in the context of the server, and, if launched by an Administrator (or another elevated user), it results in a reliable local privilege escalation. This vulnerability is fixed in 3.8.5.

CVSS v3 7.3 HIGH

7.3^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.3 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/thevindu-w/clip_share_server/security/advisories/GHSA-rc47-h83g-2r8j

Configurations

No configuration.

History

12 Jun 2025, 16:06

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-11 15:15

Updated : 2025-06-12 16:06

NVD link : CVE-2025-49148

Mitre link : CVE-2025-49148

CVE.ORG link : CVE-2025-49148

JSON object : View

Products Affected

No product.

CWE

CWE-427

Uncontrolled Search Path Element

{"id": "CVE-2025-49148", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.3}]}, "published": "2025-06-11T15:15:43.043", "references": [{"url": "https://github.com/thevindu-w/clip_share_server/security/advisories/GHSA-rc47-h83g-2r8j", "source": "security-advisories@github.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-427"}]}], "descriptions": [{"lang": "en", "value": "ClipShare is a lightweight and cross-platform tool for clipboard sharing. Prior to 3.8.5, ClipShare Server for Windows uses the default Windows DLL search order and loads system libraries like CRYPTBASE.dll and WindowsCodecs.dll from its own directory before the system path. A local, non-privileged user who can write to the folder containing clip_share.exe can place malicious DLLs there, leading to arbitrary code execution in the context of the server, and, if launched by an Administrator (or another elevated user), it results in a reliable local privilege escalation. This vulnerability is fixed in 3.8.5."}, {"lang": "es", "value": "ClipShare es una herramienta ligera y multiplataforma para compartir el portapapeles. Antes de la versi\u00f3n 3.8.5, ClipShare Server para Windows utilizaba el orden de b\u00fasqueda predeterminado de DLL de Windows y cargaba librer\u00edas del sistema como CRYPTBASE.dll y WindowsCodecs.dll desde su propio directorio antes de la ruta del sistema. Un usuario local sin privilegios que pudiera escribir en la carpeta que contiene clip_share.exe podr\u00eda colocar all\u00ed DLL maliciosas, lo que provocar\u00eda la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del servidor y, si la ejecutaba un administrador (u otro usuario con privilegios elevados), provocar\u00eda una escalada de privilegios local fiable. Esta vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 3.8.5."}], "lastModified": "2025-06-12T16:06:20.180", "sourceIdentifier": "security-advisories@github.com"}