PT-2025-40304 · Nginx+2

Ltltlxey · Published 2025-10-01 · Updated 2025-11-07 · CVE-2025-59951

CVSS v4.0: 9.2 (Critical)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N
Name of the Vulnerable Software and Affected Versions
Termix versions 1.5.0 and below

Description
Termix is a web-based server management platform offering SSH terminal, tunneling, and file editing features. In the official Docker image, when configured with an Nginx reverse proxy, req.ip returns the proxy's IP address instead of the client's IP address. The isLocalhost function, which determines whether a request originates from the local machine, therefore consistently returns true. As a result, the /ssh/db/host/internal API endpoint becomes directly accessible without requiring login or authentication. This endpoint stores sensitive SSH host information, including addresses, usernames, and passwords, creating a significant security risk.

Recommendations
Update to Termix version 1.6.0 or later.
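
The failure mode described above, as an added JavaScript example (not Termix source code): behind a same-host Nginx proxy the socket peer is always loopback, so a locality check on it passes for every request, while a check that walks X-Forwarded-For through a trusted-proxy list does not. Only the isLocalhost name and the endpoint path come from the advisory; the function bodies, naiveClientIp, proxyAwareClientIp, allowInternal, the same-container deployment and the sample requests are assumptions.

```javascript
// Added illustration, not Termix source. Plain Node.js, no dependencies.
const LOOPBACK = new Set(["127.0.0.1", "::1", "::ffff:127.0.0.1"]);

// Name taken from the advisory; this body is an assumption.
function isLocalhost(ip) {
  return LOOPBACK.has(ip);
}

// Flawed pattern: the TCP peer address is treated as the client address.
function naiveClientIp(req) {
  return req.socketAddr;
}

// Proxy-aware derivation: walk X-Forwarded-For from the right, skipping
// only hops that are known proxies. The first untrusted hop is the client.
function proxyAwareClientIp(req, trustedProxies) {
  const hops = (req.headers["x-forwarded-for"] || "")
    .split(",").map((s) => s.trim()).filter(Boolean);
  const chain = [req.socketAddr, ...hops.reverse()];
  for (const addr of chain) {
    if (!trustedProxies.has(addr)) return addr;
  }
  return chain[chain.length - 1]; // every hop was a trusted proxy
}

// Gate for an internal-only route such as /ssh/db/host/internal.
function allowInternal(req, getIp) {
  return isLocalhost(getIp(req));
}

// Constructed requests. Assumption: Nginx runs in the same container and
// forwards to Node over loopback, appending the real peer to the header.
const viaProxy = { socketAddr: "127.0.0.1",
  headers: { "x-forwarded-for": "203.0.113.7" } };
const clientSetHeader = { socketAddr: "127.0.0.1",
  headers: { "x-forwarded-for": "127.0.0.1, 203.0.113.7" } };
const localDirect = { socketAddr: "127.0.0.1", headers: {} };

const TRUSTED = new Set(["127.0.0.1"]);
const hardened = (req) => proxyAwareClientIp(req, TRUSTED);

const cases = { viaProxy, clientSetHeader, localDirect };
for (const [name, req] of Object.entries(cases)) {
  console.log(name, "naive:", allowInternal(req, naiveClientIp),
    "proxy-aware:", allowInternal(req, hardened));
}
```

The proxy-aware check only holds if the proxy sets X-Forwarded-For on every forwarded request; an endpoint that returns credentials should require authentication regardless of source address.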

Exploit

Fix

Weakness Enumeration

Improper Access Control
Insufficient Verification of Data Authenticity

Related Identifiers

CVE-2025-59951
GHSA-92CW-877Q-6R94

Affected Products

Docker
Nginx
Termix