Clash Verge Rev thru 2.2.3 forces the installation of system services(clash-verge-service) by default and exposes key functions through the unauthorized HTTP API `/start_clash`, allowing local users to submit arbitrary bin_path parameters and pass them directly to the service process for execution, resulting in local privilege escalation.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

No data.

No data.

No data.

No data.

References
Link Providers
https://github.com/bron1e/CVE-2025-50505 cve-icon cve-icon
https://github.com/clash-verge-rev/clash-verge-rev cve-icon cve-icon
https://github.com/clash-verge-rev/clash-verge-service cve-icon cve-icon
https://www.clashverge.dev/ cve-icon cve-icon
History

Tue, 07 Oct 2025 14:00:00 +0000

Type Values Removed Values Added
Description Clash Verge Rev thru 2.2.3 forces the installation of system services(clash-verge-service) by default and exposes key functions through the unauthorized HTTP API `/start_clash`, allowing local users to submit arbitrary bin_path parameters and pass them directly to the service process for execution, resulting in local privilege escalation.
References
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-10-07T13:50:32.412Z

Reserved: 2025-06-16T00:00:00.000Z

Link: CVE-2025-50505

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2025-10-07T14:15:37.120

Modified: 2025-10-07T14:15:37.120

Link: CVE-2025-50505

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.