Vulnerability Description
Dokploy is a self-hostable Platform as a Service (PaaS) that simplifies the deployment and management of applications and databases. An authenticated, low-privileged user can run arbitrary OS commands on the Dokploy host. The tRPC procedure docker.getContainersByAppNameMatch interpolates the attacker-supplied appName value into a Docker CLI call without sanitisation, enabling command injection under the Dokploy service account. This vulnerability is fixed in 0.23.7.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dokploy | Dokploy | < 0.23.7 |
Related Weaknesses (CWE)
References
- https://github.com/Dokploy/dokploy/commit/fb5d2bd5b67322f1468e5e4d0d5abcf9751776 (Patch)
- https://github.com/Dokploy/dokploy/security/advisories/GHSA-m486-7pmj-8cmv (Patch, Third Party Advisory)
FAQ
What is CVE-2025-53376?
CVE-2025-53376 is a vulnerability with a CVSS score of 8.8 (HIGH). Dokploy is a self-hostable Platform as a Service (PaaS) that simplifies the deployment and management of applications and databases. An authenticated, low-privileged user can run arbitrary OS commands...
How severe is CVE-2025-53376?
CVE-2025-53376 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-53376?
Check the references section above for vendor advisories and patch information. Affected products include: Dokploy Dokploy.