Description

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The official Docker image for Termix versions 1.5.0 and below, due to being configured with an Nginx reverse proxy, causes the backend to retrieve the proxy's IP instead of the client's IP when using the req.ip method. This results in isLocalhost always returning True. Consequently, the /ssh/db/host/internal endpoint can be accessed directly without login or authentication. This endpoint records the system's stored SSH host information, including addresses, usernames, and passwords, posing an extremely high security risk. Users who use the official Termix docker image, build their own image using the official dockerfile, or utilize reverse proxy functionality will be affected by this vulnerability. This issue is fixed in version 1.6.0.

INFO

Published Date :

2025-10-01T21:52:01.232Z

Last Modified :

2025-10-01T21:52:01.232Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-59951 vulnerability.

Vendors Products
Termix Project
  • Termix
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-59951.

URL Resource
https://github.com/LukeGus/Termix/pull/221 cve-icon cve-icon
https://github.com/LukeGus/Termix/security/advisories/GHSA-92cw-877q-6r94 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability