CVE-2026-45743
HIGH
Termix <2.3.2 File Manager Sessions - Insecure Direct Object Reference
Title source: manual
Description
Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. 16 file-manager endpoints in Termix prior to version 2.3.2 do not verify that the requesting user owns the SSH session identified by `sessionId`. An authenticated attacker who knows or guesses another user's active `sessionId` can read, write, delete, download, and execute files on the victim's connected SSH host. Version 2.3.2 patches the issue.
References (2)
x_refsource_confirm: https://github.com/Termix-SSH/Termix/security/advisories/GHSA-5fqh-77cr-jj5x
x_refsource_misc: https://github.com/Termix-SSH/Termix/releases/tag/release-2.3.2-tag
Scores
CVSS v3: 8.1
EPSS: 0.0023
EPSS Percentile: 14.1%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: total
Details
CWE: CWE-639
Status: published
Products (2)
termix/termix: 2.1.0 - 2.3.2
Termix-SSH/Termix: < 2.3.2
Published: Jun 05, 2026
Tracked Since: Jun 06, 2026