CVE-2026-45743 PUBLISHED

Termix has a File-Manager Session Hijack via Missing Ownership Check (IDOR)

Assigner: GitHub_M
Reserved: 13.05.2026 Published: 05.06.2026 Updated: 05.06.2026

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. 16 file-manager endpoints in Termix prior to version 2.3.2 do not verify that the requesting user owns the SSH session identified by sessionId. An authenticated attacker who knows or guesses another user's active sessionId can read, write, delete, download, and execute files on the victim's connected SSH host. Version 2.3.2 patches the issue.
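The missing check described above, shown as an added example that is not Termix's own code: a session lookup keyed only on the client-supplied sessionId, beside one bound to the authenticated user and applied through a single wrapper so that every file-manager route gets the same check. All function names, the in-memory map and the sample data are hypothetical.

```javascript
// Added illustration; every name here is hypothetical, not taken from Termix.
const sessions = new Map(); // sessionId -> { ownerId, host }
const denied = [];          // audit trail of rejected lookups, for detection

function openSession(sessionId, ownerId, host) {
  sessions.set(sessionId, { ownerId, host });
}

// Pre-fix pattern: the client-supplied sessionId is the only lookup key.
function uncheckedHandler(handler) {
  return (req) => {
    const session = sessions.get(req.body.sessionId);
    if (!session) return { status: 404, error: "session not found" };
    return handler(req, session);
  };
}

// Hardened pattern: the session must belong to the authenticated caller.
// req.user.id comes from the server-side auth layer, never from the body.
function ownedHandler(handler) {
  return (req) => {
    const session = sessions.get(req.body.sessionId);
    if (!session || session.ownerId !== req.user.id) {
      if (session) denied.push({ user: req.user.id, sessionId: req.body.sessionId });
      // Same answer for "unknown" and "not yours", so ids cannot be probed.
      return { status: 404, error: "session not found" };
    }
    return handler(req, session);
  };
}

// One stand-in file-manager operation; a real one would talk to the SSH host.
const readFile = (req, session) => ({ status: 200, host: session.host, path: req.body.path });

// Constructed sample data: alice owns the session, bob is another valid user.
function demo() {
  sessions.clear(); denied.length = 0;
  openSession("sess-constructed-1", "alice", "db01.example.internal");
  const body = { sessionId: "sess-constructed-1", path: "/etc/hostname" };
  const asBob = { user: { id: "bob" }, body };
  const asAlice = { user: { id: "alice" }, body };
  return {
    uncheckedBob: uncheckedHandler(readFile)(asBob).status,
    ownedBob: ownedHandler(readFile)(asBob).status,
    ownedAlice: ownedHandler(readFile)(asAlice).status,
    deniedCount: denied.length,
  };
}
```

The `denied` entries are the signal worth alerting on: an authenticated user presenting a sessionId that exists but belongs to someone else.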

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CVSS Score: 8.1

Product Status

Vendor Termix-SSH
Product Termix
Versions
  • Version < 2.3.2 is affected

Problem Types

  • CWE-639: Authorization Bypass Through User-Controlled Key