CVE-2018-7665

CRITICAL

ClipBucket < 4.0.0 - Unrestricted File Upload via beats_uploader.php/photo_uploader.php/edit_account.php

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-7665. PoCs published by www.sec-consult.com, including Metasploit module exploits/multi/http/clipbucket_fileupload_exec.

AI-analyzed exploit summary This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in ClipBucket before 4.0.0 (Release 4902) via the beats_uploader.php endpoint. It uploads a PHP payload and executes it to achieve remote code execution.

Description

An issue was discovered in ClipBucket before 4.0.0 Release 4902. A malicious file can be uploaded via the name parameter to actions/beats_uploader.php or actions/photo_uploader.php, or the coverPhoto parameter to edit_account.php.

Exploits (1)

metasploit WORKING POC EXCELLENT
by www.sec-consult.com · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/clipbucket_fileupload_exec.rb

This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in ClipBucket before 4.0.0 (Release 4902) via the beats_uploader.php endpoint. It uploads a PHP payload and executes it to achieve remote code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: ClipBucket < 4.0.0 - Release 4902
No auth needed
Prerequisites: Network access to the target · ClipBucket installation with vulnerable beats_uploader.php
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 9.8
EPSS 0.7111
EPSS Percentile 98.7%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-434
Status published
Products (1)
clip-bucket/clipbucket < 4.0.0
Published Mar 05, 2018
Tracked Since Feb 18, 2026