CVE-2026-45744

Termix has an OS Command Injection in File Manager resolvePath endpoint

Assigner: GitHub_M
Reserved: 13.05.2026 Published: 05.06.2026 Updated: 05.06.2026

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.3.2, the GET /ssh/file_manager/ssh/resolvePath endpoint in Termix is vulnerable to OS command injection. The endpoint uses double-quote escaping for shell command construction, which does not prevent $(...) and backtick command substitution. Any authenticated user with an active File Manager SSH session can execute arbitrary commands on the connected remote host. Version 2.3.2 patches the issue.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVSS Score: 9.9

Attack Vector	Network	Scope	Changed
Attack Complexity	Low	Confidentiality Impact	High
Privileges Required	Low	Integrity Impact	High
User Interaction	None	Availability Impact	High

CVSS 3.1

Product Status

Vendor	Termix-SSH
Product	Termix
Versions	Version < 2.3.2 is affected

Vendor

Termix-SSH

Product

Termix

Versions

Version < 2.3.2 is affected

References

Problem Types

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE

CVE-2026-45744 PUBLISHED

Termix has an OS Command Injection in File Manager resolvePath endpoint

Metrics

Product Status

References

Problem Types