CVE-2025-50505 | Clash Verge Rev up to 2.2.3 clash-verge-service /start_clash bin_path improper authorization

A vulnerability marked as critical has been reported in Clash Verge Rev up to 2.2.3. This affects an unknown function of the file /start_clash of the component clash-verge-service. The manipulation of the argument bin_path leads to improper authorization.

This vulnerability is documented as CVE-2025-50505. The attack needs to be performed locally. There is not any exploit available.VulDB Recent EntriesRead More