CVE-2025-57799
Published: 01 September 2025
Summary
CVE-2025-57799 is a high-severity OS Command Injection (CWE-78) vulnerability. Its CVSS base score is 8.7 (High).
Operationally, ranked in the top 20.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
StreamVault is a multi-platform video parsing and downloading tool that is affected by a command-injection vulnerability (CWE-78) in all versions prior to 250822. After an attacker logs into the StreamVault system, they can modify certain system parameters to construct and execute malicious commands, resulting in remote code execution that grants full server privileges. The issue is especially severe for deployments that retain default or weak background passwords, as these allow initial access without additional authentication barriers. The vulnerability carries a CVSS 4.0 score of 8.7 with network attack vector and high impact on confidentiality, integrity, and availability.
An authenticated attacker who obtains valid credentials can exploit the flaw remotely to achieve arbitrary command execution and full system takeover. Because the attack requires only low-privilege login and no user interaction, any exposed instance with unchanged default credentials is at immediate risk of compromise.
The official GitHub security advisory GHSA-qg4r-92hv-g9f4 and the patch commit 2e3f1f54b7d8a4e6389b640796866ac1108780ef state that the vulnerability has been fixed in version 250822; administrators are advised to update immediately and ensure background passwords are changed from defaults. The current EPSS score of 0.0126, with a peak of only 0.0144, indicates limited observed exploitation interest to date.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-26347
Vulnerability details
StreamVault is a multi-platform video parsing and downloading tool. Prior to version 250822, after logging into the StreamVault-system, an attacker can modify certain system parameters, construct malicious commands, execute command injection attacks against the system, and ultimately gain server privileges.…
more
Users of all versions of the StreamVault system to date who have not modified their background passwords or use weak passwords are at risk of having their systems taken over via remote command execution. This issue has been patched in version 250822.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.