CVE-2025-43858: CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') in Bluegrams YoutubeDLSharp
YoutubeDLSharp is a wrapper for the command-line video downloaders youtube-dl and yt-dlp. In versions starting from 1.0.0-beta4 and prior to 1.1.2, an unsafe conversion of arguments allows the injection of malicious commands when starting `yt-dlp` from a command prompt on Windows with the `UseWindowsEncodingWorkaround` value set to true (the default behavior). If a user is using the built-in methods from the YoutubeDL.cs file, the value is true by default and cannot be disabled from those methods. This issue has been patched in version 1.1.2.
AI Analysis
Technical Summary
CVE-2025-43858 is a command injection vulnerability in the Bluegrams YoutubeDLSharp library, a .NET wrapper for the command-line video downloaders youtube-dl and yt-dlp. It affects versions from 1.0.0-beta4 up to, but not including, 1.1.2. The root cause is an unsafe conversion of arguments when yt-dlp is launched on Windows with the `UseWindowsEncodingWorkaround` flag set to true. The flag exists to force UTF-8 console output and does so by starting yt-dlp from a Windows command prompt (cmd.exe) rather than directly; the arguments, including the target URL, are assembled into that single command string. cmd.exe treats `&`, `&&`, `|`, `||`, `<`, `>`, `^` and `%` as syntax rather than data, so any value the attacker can influence that contains one of them ends the yt-dlp command and starts a new one, which runs with the privileges of the calling process. A URL is the obvious carrier, because query strings legitimately contain `&`; whether or not the value is wrapped in double quotes only changes the input required, since an embedded `"` closes the quote. The flag is enabled by default in the built-in methods of YoutubeDL.cs and cannot be disabled through them, so every caller of those convenience methods on Windows is on the vulnerable path. The vulnerability is classified under CWE-77 and CWE-78 (improper neutralization of special elements used in a command, and OS command injection). No exploits in the wild had been reported as of the publication date (April 24, 2025), but exploitation requires nothing more than a crafted input value reaching the command line. The issue is patched in version 1.1.2; the advisory does not describe the fix beyond that, so treat the upgrade as the remedy rather than assuming any particular escaping scheme. Only Windows is affected, and only while the default workaround is active. Successful injection gives arbitrary command execution on the host, with confidentiality, integrity and availability impact bounded by the privileges of the application.
No authentication is involved at the library level. The precondition is that the attacker controls, in whole or in part, a value that reaches the command line: a URL submitted by an end user or scraped from an external feed, or an option value or output template read from untrusted configuration. Any application that passes such data to the vulnerable methods without validation is exposed.
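The following is an added illustration, not YoutubeDLSharp's own code: a minimal launcher written in the style of the vulnerable pattern (yt-dlp run through `cmd.exe /C` so that `chcp 65001` can switch the code page first, with the URL concatenated into the command string), a check for cmd.exe metacharacters, and a hardened launcher that starts yt-dlp directly through `ProcessStartInfo.ArgumentList` so that no shell ever parses the arguments. The executable path, the option values and the sample URLs are constructed for the example; using the `PYTHONIOENCODING` environment variable in place of the code-page switch is an assumption about yt-dlp's Python runtime, not something the advisory states. It targets .NET 6 or later.

```csharp
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Linq;
using System.Text;

// Added illustration (not YoutubeDLSharp's code) of the vulnerable pattern and its fix.
// Assumptions: yt-dlp lives at YtDlpPath; yt-dlp honours PYTHONIOENCODING (it is a Python program).
public static class YtDlpLauncher
{
    public const string YtDlpPath = @"C:\tools\yt-dlp.exe";   // assumed install location

    // Characters cmd.exe interprets as syntax on a /C command line.
    private static readonly char[] CmdMetachars = { '&', '|', '<', '>', '^', '%', '"', '\r', '\n' };

    // VULNERABLE PATTERN: everything after /C is parsed by cmd.exe, so a '&' in the
    // URL ends the yt-dlp command and starts another one.
    public static string BuildUnsafeCmdLine(string url, IEnumerable<string> options)
    {
        return $"/C chcp 65001 >nul 2>&1 && \"{YtDlpPath}\" {string.Join(" ", options)} {url}";
    }

    // Defence in depth for untrusted values (URLs): list the metacharacters present.
    public static IReadOnlyList<char> FindCmdMetachars(string value)
    {
        return value.Where(c => Array.IndexOf(CmdMetachars, c) >= 0).Distinct().ToList();
    }

    // HARDENED: start yt-dlp directly. Each ArgumentList element is quoted by .NET for
    // the target process only; no shell sees it, so '&' stays part of the URL.
    public static ProcessStartInfo BuildSafeStartInfo(string url, IEnumerable<string> options)
    {
        var psi = new ProcessStartInfo(YtDlpPath)
        {
            UseShellExecute = false,
            RedirectStandardOutput = true,
            RedirectStandardError = true,
            StandardOutputEncoding = Encoding.UTF8,
            StandardErrorEncoding = Encoding.UTF8,
        };
        foreach (string opt in options) psi.ArgumentList.Add(opt);
        psi.ArgumentList.Add("--");   // end of options: the URL can never be parsed as a flag
        psi.ArgumentList.Add(url);
        // Replaces the chcp 65001 code-page switch (assumption: yt-dlp honours this variable).
        psi.Environment["PYTHONIOENCODING"] = "utf-8";
        return psi;
    }

    public static void Main()
    {
        // Constructed sample inputs: a normal playlist URL (contains '&') and a hostile one.
        string playlistUrl = "https://www.youtube.com/watch?v=dQw4w9WgXcQ&list=PL123";
        string hostileUrl = "https://example.invalid/video & echo injected";
        string[] opts = { "--no-playlist", "-o", "%(title)s.%(ext)s" };

        Console.WriteLine("unsafe: cmd.exe " + BuildUnsafeCmdLine(playlistUrl, opts));
        Console.WriteLine("unsafe: cmd.exe " + BuildUnsafeCmdLine(hostileUrl, opts));

        foreach (string url in new[] { playlistUrl, hostileUrl })
        {
            var found = FindCmdMetachars(url);
            Console.WriteLine(found.Count == 0
                ? "accept: " + url
                : "reject: " + url + "  (cmd.exe metacharacters: " + string.Join(" ", found) + ")");
        }

        ProcessStartInfo safe = BuildSafeStartInfo(playlistUrl, opts);
        Console.WriteLine("safe: " + safe.FileName + " [" + string.Join("] [", safe.ArgumentList) + "]");
        // Process.Start(safe) would now run yt-dlp with the URL passed intact as one argument.
    }
}
```

Running it prints the two cmd.exe command lines; in the second, everything after the `&` in the URL is a separate command as far as cmd.exe is concerned. The metacharacter check rejects the ordinary playlist URL as well, because `&list=` is indistinguishable from an injection at the shell layer, which is exactly why the real fix is to stop handing the arguments to a shell. With `ArgumentList`, .NET quotes each element for the target process only and the `&` reaches yt-dlp as part of the URL.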
Potential Impact
For European organizations, the impact of this vulnerability can be significant, especially for those using the YoutubeDLSharp library in internal tools, media processing pipelines, or any automated video downloading workflows on Windows systems. Successful exploitation could lead to arbitrary code execution, allowing attackers to compromise system integrity, exfiltrate sensitive data, or disrupt services by executing destructive commands. This could affect media companies, educational institutions, and any enterprise relying on video content processing. Additionally, since the vulnerability allows command injection, attackers could pivot within the network, escalate privileges, or deploy malware, increasing the risk of broader compromise. The impact is heightened in environments where the vulnerable library is used in automated or unattended processes, as exploitation could occur without direct user interaction. The lack of known exploits in the wild suggests limited current targeting, but the medium severity rating and ease of exploitation mean organizations should act promptly. The vulnerability's impact on confidentiality, integrity, and availability is potentially high if exploited, especially given the typical privileges of the running process. Organizations with compliance obligations under GDPR must also consider the risk of data breaches resulting from exploitation.
Mitigation Recommendations
1. Upgrade to YoutubeDLSharp 1.1.2 or later; this is the only complete fix.
2. If upgrading is not immediately possible, do not call the convenience methods in YoutubeDL.cs, which force `UseWindowsEncodingWorkaround` to true. Drive the process yourself, starting yt-dlp directly rather than through cmd.exe and passing each argument as a separate element (for example via `ProcessStartInfo.ArgumentList`), so that no shell parses the arguments.
3. Validate every externally influenced value that can reach the command line (URLs above all, but also output templates and option values taken from configuration). Until the upgrade is in place, reject values containing cmd.exe metacharacters (`&`, `|`, `<`, `>`, `^`, `%`, `"` and line breaks). This also rejects legitimate playlist URLs with `&` in the query string, which is a reason to upgrade rather than rely on filtering.
4. Run the application with least privilege, so that an injected command inherits as little as possible.
5. Enable process-creation logging with command lines (Security event 4688 with command-line auditing, or Sysmon event 1) and alert on cmd.exe command lines that begin with the code-page switch and yt-dlp but chain further commands, and on cmd.exe or yt-dlp spawning unexpected child processes.
6. Use application control and EDR to block or flag unauthorized executables launched from the media-processing host.
7. Make developers aware that wrapping a CLI tool in `cmd.exe /C` turns every argument into shell syntax; pass arguments as an array to the target process instead.
8. Audit scripts and automation built on YoutubeDLSharp for any place where user-supplied or external data flows into a URL or option.
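For the monitoring recommendation, this added example (not from the page or the project) shows detection logic over process-creation records. It assumes command-line logging is enabled (Security event 4688 with command-line auditing, or Sysmon event 1) and that the vulnerable path produces a cmd.exe command line of the shape `/C chcp 65001 ... && "yt-dlp.exe" ...`; that shape is inferred from the advisory's description of a command prompt with an encoding workaround, not copied from the library. The code splits the `/C` payload on unquoted cmd.exe operators and alerts when anything is chained after the yt-dlp segment. The sample records are constructed, not real telemetry.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Text.RegularExpressions;

// Added detection example (not from the page or the project): flag cmd.exe invocations
// that chain extra commands after the expected `chcp` + yt-dlp pair.
public static class YtDlpChainDetector
{
    // Pull the payload after `cmd.exe /C` (or /K) out of a recorded process command line.
    // Returns null when the record is not a cmd.exe invocation of that form.
    public static string ExtractCmdPayload(string commandLine)
    {
        var m = Regex.Match(commandLine,
            @"^\s*(?:""[^""]*cmd\.exe""|\S*cmd\.exe)\s+/[cCkK]\s+(.*)$", RegexOptions.IgnoreCase);
        return m.Success ? m.Groups[1].Value : null;
    }

    // Split a cmd.exe payload into command segments on unquoted & && | || operators.
    // `>&` (handle duplication such as 2>&1) and anything inside double quotes stays intact.
    public static List<string> SplitCmdSegments(string payload)
    {
        var segments = new List<string>();
        var current = new StringBuilder();
        bool inQuotes = false;
        for (int i = 0; i < payload.Length; i++)
        {
            char c = payload[i];
            if (c == '"') { inQuotes = !inQuotes; current.Append(c); continue; }
            bool isRedirectDup = c == '&' && i > 0 && payload[i - 1] == '>';
            if (!inQuotes && !isRedirectDup && (c == '&' || c == '|'))
            {
                if (i + 1 < payload.Length && payload[i + 1] == c) i++;   // && or ||
                segments.Add(current.ToString().Trim());
                current.Clear();
                continue;
            }
            current.Append(c);
        }
        segments.Add(current.ToString().Trim());
        return segments.Where(s => s.Length > 0).ToList();
    }

    // Verdict for one recorded command line. The benign shape of the workaround is
    // exactly two segments: the code-page switch, then the yt-dlp invocation.
    public static string Classify(string commandLine)
    {
        string payload = ExtractCmdPayload(commandLine);
        if (payload == null) return "ignore: not cmd.exe /C";
        var segs = SplitCmdSegments(payload);
        bool looksLikeWorkaround = segs.Count >= 2
            && segs[0].StartsWith("chcp", StringComparison.OrdinalIgnoreCase)
            && Regex.IsMatch(segs[1], @"yt-dlp(\.exe)?""?(\s|$)", RegexOptions.IgnoreCase);
        if (!looksLikeWorkaround) return "ignore: not the chcp+yt-dlp shape";
        if (segs.Count == 2) return "ok";
        return "ALERT: commands chained after yt-dlp: " + string.Join(" ; ", segs.Skip(2));
    }

    public static void Main()
    {
        // Constructed sample process-creation records (CommandLine field only), not real telemetry.
        string[] samples =
        {
            @"""C:\Windows\System32\cmd.exe"" /C chcp 65001 >nul 2>&1 && ""C:\tools\yt-dlp.exe"" -o %(title)s.%(ext)s https://www.youtube.com/watch?v=dQw4w9WgXcQ",
            @"cmd.exe /C chcp 65001 >nul 2>&1 && ""C:\tools\yt-dlp.exe"" https://www.youtube.com/watch?v=dQw4w9WgXcQ&list=PL123",
            @"cmd.exe /C chcp 65001 >nul 2>&1 && ""C:\tools\yt-dlp.exe"" ""https://example.invalid/v"" & echo injected > C:\Users\Public\marker.txt & ""x""",
            @"C:\tools\yt-dlp.exe --no-playlist https://www.youtube.com/watch?v=dQw4w9WgXcQ",
        };
        foreach (string line in samples)
            Console.WriteLine(Classify(line) + "  <=  " + line);
    }
}
```

The second sample, an ordinary playlist URL, also raises an alert (`list=PL123` becomes a third segment). That is not a false positive in the useful sense: it proves the unsafe construction is in use on that host, and it explains why such URLs fail when passed through the vulnerable path. The third sample shows the quoted-URL variant, where a `"` in the input closes the quote before the chained commands. Tune the yt-dlp regex to the executable name and path your deployment actually uses.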
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Poland, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: GitHub_M
- Date Reserved: 2025-04-17T20:07:08.555Z
- CISA Enriched: true
Threat ID: 682d983fc4522896dcbf0b1d
Added to database: 5/21/2025, 9:09:19 AM
Last enriched: 6/24/2025, 8:09:54 AM
Last updated: 8/15/2025, 1:48:48 AM
Related Threats
- CVE-2025-53948: CWE-415 Double Free in Santesoft Sante PACS Server (High)
- CVE-2025-52584: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt (High)
- CVE-2025-46269: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt (High)
- CVE-2025-54862: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Santesoft Sante PACS Server (Medium)
- CVE-2025-54759: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Santesoft Sante PACS Server (Medium)