Cyber Resilience

CVE-2025-57799

High · RCE

Published: 01 September 2025
Modified: 15 April 2026
CVSS Score (v4): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score: 0.0126 (79.9th percentile)
Risk Priority: 18 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-57799 is a high-severity OS Command Injection (CWE-78) vulnerability. Its CVSS base score is 8.7 (High).

Operationally, it ranks in the top 20.1% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog.

Deeper analysis

StreamVault is a multi-platform video parsing and downloading tool that is affected by a command-injection vulnerability (CWE-78) in all versions prior to 250822. After an attacker logs into the StreamVault system, they can modify certain system parameters to construct and execute malicious commands, resulting in remote code execution that grants full server privileges. The issue is especially severe for deployments that retain default or weak background passwords, as these allow initial access without additional authentication barriers. The vulnerability carries a CVSS 4.0 score of 8.7 with network attack vector and high impact on confidentiality, integrity, and availability.

An authenticated attacker who obtains valid credentials can exploit the flaw remotely to achieve arbitrary command execution and full system takeover. Because the attack requires only low-privilege login and no user interaction, any exposed instance with unchanged default credentials is at immediate risk of compromise.

The official GitHub security advisory GHSA-qg4r-92hv-g9f4 and the patch commit 2e3f1f54b7d8a4e6389b640796866ac1108780ef state that the vulnerability has been fixed in version 250822; administrators are advised to update immediately and ensure background passwords are changed from defaults. The current EPSS score of 0.0126, with a peak of only 0.0144, indicates limited observed exploitation interest to date.

Vulnerability details

StreamVault is a multi-platform video parsing and downloading tool. Prior to version 250822, after logging into the StreamVault system, an attacker can modify certain system parameters, construct malicious commands, execute command injection attacks against the system, and ultimately gain server privileges.

Users of all versions of the StreamVault system to date who have not modified their background passwords or use weak passwords are at risk of having their systems taken over via remote command execution. This issue has been patched in version 250822.

CWE(s): CWE-78 (OS Command Injection)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Mitigating Controls

Likely Mitigating Controls (AI-derived)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Addresses CWE-78: Platform-independent apps typically execute inside a managed runtime or sandbox that restricts direct OS command execution, reducing the ability to exploit OS command injection.

Addresses CWE-78: Validates inputs to block special elements that would alter OS command execution.
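As an added illustration of this input-validation control applied to the situation the advisory describes (administrator-editable settings that end up on a downloader's command line), the following is example code and not StreamVault's own; the 'vdl' binary, the setting names and the allow-lists are assumptions. It shows an allow-list check on each stored setting, argv-list execution without a shell, and an audit helper that flags stored settings carrying shell-special elements.

```python
import re
import subprocess
from urllib.parse import urlsplit

# Constructed example: a hypothetical 'vdl' downloader wrapper whose settings an
# authenticated administrator may edit. Names and limits are assumptions, not
# StreamVault's real parameters.
DOWNLOADER_BIN = "vdl"
ALLOWED_FORMATS = {"mp4", "webm", "mkv"}
SAFE_PATH = re.compile(r"^[A-Za-z0-9_./-]+$")
SHELL_META = re.compile(r"[;&|`$<>(){}\\'\"\n\r]")


class UnsafeParameter(ValueError):
    """Raised when a stored setting could alter how a command is executed."""


def audit_settings(settings: dict) -> list:
    """Detection check: return keys whose stored values carry shell-special elements."""
    return sorted(k for k, v in settings.items() if SHELL_META.search(str(v)))


def build_download_argv(url: str, output_dir: str, fmt: str) -> list:
    """Build argv as a list, never a shell string, after allow-list checks.

    With shell=False the OS receives each value verbatim as one argument, so no
    metacharacter in a setting can start a second command.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.netloc or re.search(r"\s", url):
        raise UnsafeParameter("url must be a plain http(s) URL")
    if not SAFE_PATH.fullmatch(output_dir) or ".." in output_dir.split("/"):
        raise UnsafeParameter("output_dir has unexpected characters or '..'")
    if fmt not in ALLOWED_FORMATS:
        raise UnsafeParameter("format is not in the allow-list")
    # "--" stops a URL that begins with '-' from being read as an option.
    return [DOWNLOADER_BIN, "--output-dir", output_dir, "--format", fmt, "--", url]


def run_download(url: str, output_dir: str, fmt: str, runner=subprocess.run):
    """Validate, then execute without a shell; runner is injectable for testing."""
    return runner(build_download_argv(url, output_dir, fmt), shell=False,
                  check=False, capture_output=True)


if __name__ == "__main__":
    print(build_download_argv("https://example.test/v/1?id=7&q=hd", "/data/videos", "mp4"))
    print(audit_settings({"output_dir": "/data/videos; id", "format": "mp4"}))
```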
