CVE Catalog

CVE-2026-45748

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Summary

Termix is a web-based server management platform that prior to version 2.3.2 had a vulnerability in the `POST /ssh/tunnel/connect` endpoint. This vulnerability allowed OS command injection through user-controlled fields being interpolated directly into a shell command.

Risk Assessment

Organizations may be exposed to persistent OS command injection on the source SSH host, potentially leading to unauthorized access and system compromise.

Recommendation

It is recommended to upgrade to version 2.3.2 or later to mitigate this vulnerability and to review and secure SSH configurations.

Original NVD description (English source)

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The `POST /ssh/tunnel/connect` endpoint in Termix prior to version 2.3.2 builds an SSH tunnel command by interpolating user-controlled host record fields (`endpointIP`, `endpointUsername`, `password`) directly into a shell command without escaping, allowing persistent OS command injection on the source SSH host. Version 2.3.2 patches the issue.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS