CNNVD-202507-721 Information

CNNVD ID

CNNVD-202507-721

Related CVE

CVE-2025-53375

• CNNVD Published: 2025-07-07

Description (Chinese)

Dokploy是Dokploy开源的一个开源软件。 Dokploy 0.23.7之前版本存在路径遍历漏洞，该漏洞源于经过身份验证的攻击者可读取Traefik进程用户可访问的任何文件，可能导致其他服务完全被破解或横向移动。

Description (English)

Dokploy is an open source software for Dokploy open source. Before Dokploy 0.23.7 there is a path-to-path loophole, which stems from the fact that an identified assailant can read any document that is accessible to the Traefik process users, and may lead to the complete breakdown or lateral movement of other services.

Hazard Level

High

Vulnerability Type

路径遍历

Affected Vendor

Dokploy

Published

2025-07-07

Last Modified

2026-02-24

References

https://github.com/Dokploy/dokploy/commit/e42f6bc61050cd438726921fced64477cbf8f8e6 https://github.com/Dokploy/dokploy/security/advisories/GHSA-vq94-qm94-mxp6 https://access.redhat.com/security/cve/cve-2025-53375

Patch

https://github.com/Dokploy/dokploy/releases