CNNVD-202510-006 Information

CNNVD ID

CNNVD-202510-006

Related CVE

CVE-2025-59951

• CNNVD Published: 2025-10-01

Description (Chinese)

Termix是Karmaa个人开发者的一个服务器管理平台。 Termix 1.5.0及之前版本存在安全漏洞，该漏洞源于Nginx反向代理配置不当，导致后端获取代理IP而非客户端IP，可能泄露SSH主机信息。

Description (English)

Termix is a server management platform for Karmaa personal developers. There is a security loophole in Termix 1.5.0 and previous versions, which stems from the inappropriate configuration of Nginx ’ s reverse agent, leading to back-end access to agent IP rather than client IP, which could leak SSH mainframe information.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-10-01

Last Modified

2026-02-24

References

https://github.com/LukeGus/Termix/pull/221 https://github.com/LukeGus/Termix/security/advisories/GHSA-92cw-877q-6r94

Patch

https://github.com/LukeGus/Termix/releases