CNNVD-202507-723 Information

CNNVD ID

CNNVD-202507-723

Related CVE

CVE-2025-53376

• CNNVD Published: 2025-07-07

Description (Chinese)

Dokploy是Dokploy开源的一个开源软件。 Dokploy 0.23.7之前版本存在操作系统命令注入漏洞，该漏洞源于经过身份验证的低权限用户可在Dokploy主机上运行任意OS命令，可能导致命令注入攻击。

Description (English)

Dokploy is an open source software for Dokploy open source. Before Dokploy 0.23.7, there was a gap in the operating system command, which resulted from the fact that a low-authorized, identified user could operate an arbitrary OS order on the Dokploy mainframe, which could lead to an attack.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

Dokploy

Published

2025-07-07

Last Modified

2026-02-24

References

https://github.com/Dokploy/dokploy/security/advisories/GHSA-m486-7pmj-8cmv https://github.com/Dokploy/dokploy/commit/fb5d2bd5b67322f1468e5e4d0d5abcf97517761c https://access.redhat.com/security/cve/cve-2025-53376

Patch

https://github.com/Dokploy/dokploy/releases