CVE-2025-53375 — MEDIUM (6.5)

Q: How severe is CVE-2025-53375?

CVE-2025-53375 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2025-53375?

Check the references section above for vendor advisories and patch information. Affected products include: Dokploy Dokploy.

Vulnerability Description

Dokploy is a self-hostable Platform as a Service (PaaS) that simplifies the deployment and management of applications and databases. An authenticated attacker can read any file that the Traefik process user can access (e.g., /etc/passwd, application source, environment variable files containing credentials and secrets). This may lead to full compromise of other services or lateral movement. This vulnerability is fixed in 0.23.7.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Dokploy	Dokploy	< 0.23.7

Related Weaknesses (CWE)

CWE-22

References

https://github.com/Dokploy/dokploy/commit/e42f6bc61050cd438726921fced64477cbf8f8Patch
https://github.com/Dokploy/dokploy/security/advisories/GHSA-vq94-qm94-mxp6PatchThird Party Advisory

FAQ

What is CVE-2025-53375?

CVE-2025-53375 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Dokploy is a self-hostable Platform as a Service (PaaS) that simplifies the deployment and management of applications and databases. An authenticated attacker can read any file that the Traefik proces...

How severe is CVE-2025-53375?

CVE-2025-53375 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-53375?

Check the references section above for vendor advisories and patch information. Affected products include: Dokploy Dokploy.