CVE-2026-42452
Received Received - Intake
Authentication Bypass via JWT in Termix 2.1.0

Publication date: 2026-05-08

Last updated on: 2026-05-12

Assigner: GitHub, Inc.

Description
Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, /users/login issues a temporary JWT (temp_token) for TOTP-enabled accounts. That token carries a pendingTOTP state and should only be valid for the second-factor flow. However, the auth middleware accepts this token on regular authenticated endpoints. This effectively turns 2FA into single-factor (password) for impacted accounts. This issue has been patched in version 2.1.0.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-08
Last Modified
2026-05-12
Generated
2026-06-19
AI Q&A
2026-05-09
EPSS Evaluated
2026-06-18
NVD
CVE-2026-42452
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
termix termix to 2.1.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-304 The product implements an authentication technique, but it skips a step that weakens the technique.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability affects Termix, a web-based server management platform. Before version 2.1.0, when a user with TOTP (Time-based One-Time Password) enabled logs in, the system issues a temporary JWT token (temp_token) that is meant to be used only during the second-factor authentication step. However, due to a flaw, this temporary token is accepted by the authentication middleware on regular authenticated endpoints, effectively bypassing the second-factor requirement.

As a result, accounts that should require two-factor authentication (2FA) can be accessed with only a password, turning 2FA into single-factor authentication.

Impact Analysis

This vulnerability can significantly weaken the security of accounts protected by two-factor authentication in Termix. Attackers who obtain a valid password can bypass the second authentication factor, gaining unauthorized access to user accounts.

Such unauthorized access can lead to compromise of sensitive server management functions, including SSH terminal access, tunneling, and file editing capabilities, potentially resulting in data breaches or system manipulation.

Mitigation Strategies

To mitigate this vulnerability, upgrade Termix to version 2.1.0 or later, where the issue has been patched.

Compliance Impact

This vulnerability effectively disables two-factor authentication (2FA) for impacted accounts by allowing a temporary JWT token intended only for the second-factor flow to be accepted on regular authenticated endpoints. This reduction from two-factor to single-factor authentication weakens the security posture of the affected system.

Such a weakening of authentication controls can increase the risk of unauthorized access to sensitive data, which may lead to non-compliance with security requirements mandated by common standards and regulations like GDPR and HIPAA that require strong access controls and protection of personal or health information.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-42452. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart