What is the CVSS score of EUVD-2025-33187?

EUVD-2025-33187 has a CVSS 3.1 base score of 9.1 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N. EPSS exploitation probability: 0.1%.

Which versions of Docker are affected by EUVD-2025-33187?

Organizations using Termix face critical risk from CVE-2025-59951, a improper access control vulnerability rated CVSS 9.1.. A patch is available.

Is there a public PoC exploit available for EUVD-2025-33187?

Yes, a public proof-of-concept exploit is available for EUVD-2025-33187. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate EUVD-2025-33187?

Within 24 hours: Identify all affected systems and apply vendor patches immediately. Vendor patch is available.

Docker EUVD-2025-33187

| CVE-2025-59951 CRITICAL

Improper Access Control (CWE-284)

2025-10-01 security-advisories@github.com

Nginx Docker Authentication Bypass Termix

9.1

CVSS 3.1 · GitHub Advisory

Severity by source

GitHub Advisory PRIMARY

9.1 CRITICAL

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

EUVD ID Assigned

Mar 13, 2026 - 18:18 euvd

EUVD-2025-33187

Analysis Generated

Mar 13, 2026 - 18:18 vuln.today

PoC Detected

Oct 20, 2025 - 18:37 vuln.today

Public exploit code

Patch released

Oct 20, 2025 - 18:37 nvd

Patch available

CVE Published

Oct 01, 2025 - 22:15 nvd

CRITICAL 9.1

DescriptionGitHub Advisory

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The official Docker image for Termix versions 1.5.0 and below, due to being configured with an Nginx reverse proxy, causes the backend to retrieve the proxy's IP instead of the client's IP when using the req.ip method. This results in isLocalhost always returning True. Consequently, the /ssh/db/host/internal endpoint can be accessed directly without login or authentication. This endpoint records the system's stored SSH host information, including addresses, usernames, and passwords, posing an extremely high security risk. Users who use the official Termix docker image, build their own image using the official dockerfile, or utilize reverse proxy functionality will be affected by this vulnerability. This issue is fixed in version 1.6.0.

AnalysisAI

Docker default credentials in Termix server management. PoC and patch available.

Technical ContextAI

CWE-284.

RemediationAI

Change defaults.

More from same product – last 7 days

CVE-2026-48039 CRITICAL Act Now POC

9.1 Jun 11

Unauthenticated remote attackers can invoke MCP tool handlers and exfiltrate the operator's long-lived Meta Graph API ac

CVE-2026-53753 CRITICAL Act Now

9.8 Jun 16

Unauthenticated remote code execution in Crawl4AI versions <= 0.8.6 allows attackers to escape the AST-based sandbox in

CVE-2026-47172 CRITICAL Act Now

9.5 Jun 11

Privileged GitHub Actions workflow injection in Quest Bot (Discord moderation bot) prior to version 1.0.3 allows remote

CVE-2026-47174 CRITICAL Act Now

9.5 Jun 11

Production deployment compromise in Duck Site before 1.0.1 allows remote attackers to push attacker-controlled code as t

CVE-2026-53755 HIGH This Week

8.6 Jun 16

Server-side request forgery in Crawl4AI's Docker API server (versions <= 0.8.8) allows unauthenticated remote attackers

EUVD-2025-33187 vulnerability details – vuln.today

Back

Docker EUVD-2025-33187

Severity by source

CVSS VectorGitHub Advisory

Lifecycle Timeline

DescriptionGitHub Advisory

AnalysisAI

Technical ContextAI

RemediationAI

More from same product – last 7 days

Share

External POC / Exploit Code