CVE-2025-57853

Name of the Vulnerable Software and Affected Versions Web Terminal images (affected versions not specified)

Description A container privilege escalation flaw exists due to the /etc/passwd file being created with group-writable permissions during the build process. An attacker with command execution within an affected container, even as a non-root user, can modify the /etc/passwd file by leveraging root group membership. This allows the addition of a new user with an arbitrary UID, including UID 0, resulting in full root privileges within the container.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.