Lucene search
K

7 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/05 6:0 p.m.7 views

CVE-2026-45748

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The POST /ssh/tunnel/connect endpoint in Termix prior to version 2.3.2 builds an SSH tunnel command by interpolating user-controlled host record fields endpointIP, endpointUsername,...

9.8CVSS5.5AI score0.01729EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/06/05 6:0 p.m.13 views

EUVD-2026-34876

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The POST /ssh/tunnel/connect endpoint in Termix prior to version 2.3.2 builds an SSH tunnel command by interpolating user-controlled host record fields endpointIP, endpointUsername,...

9.8CVSS5.5AI score0.01729EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/05 6:0 p.m.35 views

CVE-2026-45748 Termix Vulnerable to Remote Code Execution via SSH Tunnel Forward Command Injection

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The POST /ssh/tunnel/connect endpoint in Termix prior to version 2.3.2 builds an SSH tunnel command by interpolating user-controlled host record fields endpointIP, endpointUsername,...

9.8CVSS0.01729EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.20 views

PT-2026-47020

Name of the Vulnerable Software and Affected Versions Termix versions prior to 2.3.2 Description Termix is a web-based server management platform providing SSH terminal, tunneling, and file editing capabilities. The 'POST /ssh/tunnel/connect' endpoint allows persistent OS command injection on the...

9.8CVSS5.5AI score0.01729EPSS
Exploits1References8
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

Termix 操作系统命令注入漏洞

Termix is a server management platform developed by Karmaa’s individual developers. Versions of Termix prior to 2.3.2 contained a vulnerability related to operating system command injection. This vulnerability stemmed from the POST /ssh/tunnel/connect endpoint, which directly inserted the...

9.8CVSS5.7AI score0.01729EPSS
Exploits1References3
OSV
OSV
added 2026/04/20 10:59 a.m.8 views

CLSA-2026-1776682775 libsoup: Fix of CVE-2026-5119

CVE-2026-5119: fix cleartext transmission of cookies to HTTP proxy in tunnelconnect CONNECT request for HTTPS targets...

8.2CVSS5.8AI score0.00254EPSS
Exploits1References1
OSV
OSV
added 2026/04/20 10:44 a.m.6 views

CLSA-2026-1776681849 libsoup: Fix of CVE-2026-5119

CVE-2026-5119: fix cleartext transmission of cookies to HTTP proxy in tunnelconnect CONNECT request for HTTPS targets...

8.2CVSS5.8AI score0.00254EPSS
Exploits1References1
Rows per page
Query Builder