CVE-2025-62511

MEDIUM EPSS 1.1%
Published Oct 17, 20258mo ago · Modified Jun 17, 20262w ago
6.3 CVSS 3.1
Medium
Find Similar
Published Oct 17, 2025 8mo ago
Last Modified Jun 17, 2026 2w ago

Description

yt-grabber-tui is a C++ terminal user interface application for downloading YouTube content. yt-grabber-tui version 1.0 contains a Time-of-Check to Time-of-Use (TOCTOU) race condition (CWE-367) in the creation of the default configuration file config.json. In version 1.0, load_json_settings in Settings.hpp checks for the existence of config.json using boost::filesystem::exists and, if the file is missing, calls create_json_settings which writes the JSON configuration with boost::property_tree::write_json. A local attacker with write access to the application’s configuration directory (~/.config/yt-grabber-tui on Linux or the current working directory on Windows) can create a symbolic link between the existence check and the subsequent write so that the write operation follows the symlink and overwrites an attacker-chosen file accessible to the running process. This enables arbitrary file overwrite within the privileges of the application process, which can corrupt files and cause loss of application or user data. If the application is executed with elevated privileges, this could extend to system file corruption. The issue is fixed in version 1.0.1.

CVSS Details

Base Score
6.3
Exploitability
1.0
Impact
5.2
Vector string
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
Attack Vector Local
Attack Complexity High
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
1.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-367

References 2

  • github.com https://github.com/zheny-creator/YtGrabber-TUI/commit/bf065e833820bb4253a70a4c1dc6b843c6d8bf21
  • github.com https://github.com/zheny-creator/YtGrabber-TUI/security/advisories/GHSA-hwwf-fq6p-rw9q

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.