Executive Summary

CVE-2026-45743 is a high-severity vulnerability in the Termix web-based server management platform, specifically in its file-manager component prior to version 2.3.2.

The issue arises because 16 file-manager endpoints do not verify that the requesting user actually owns the SSH session identified by the sessionId parameter.

An authenticated attacker who knows or can guess another user's active sessionId can hijack that session and perform unauthorized actions such as reading, writing, deleting, downloading, and executing files on the victim's connected SSH host.

This vulnerability is classified as an Insecure Direct Object Reference (IDOR) and is caused by missing ownership checks on session access.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can have serious impacts including unauthorized access and manipulation of files on your SSH hosts.

• An attacker can read sensitive files, potentially exposing confidential information.
• They can write or modify files, which could lead to data corruption or insertion of malicious code.
• Deletion of important files is possible, causing data loss.
• Attackers can download files, leading to data exfiltration.
• Execution of arbitrary commands on the victim's SSH host can compromise system integrity and security.

Overall, the vulnerability compromises confidentiality and integrity of your systems with a high severity score of 8.1.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability involves unauthorized access to SSH sessions by exploiting the sessionId parameter in Termix file-manager endpoints. Detection involves monitoring for suspicious use or guessing of session IDs that do not belong to the authenticated user.

Since the vulnerability allows an attacker to read, write, delete, download, and execute files on another user's SSH session, detection can include checking logs for unusual file operations or command executions originating from unexpected session IDs.

Specific commands to detect exploitation are not provided in the available resources.

Useful 0 Not Useful 0

Mitigation Strategies

The primary mitigation step is to upgrade Termix to version 2.3.2 or later, where the vulnerability has been patched by adding session ownership verification checks and improving session ID management.

Until the upgrade can be applied, restrict access to the Termix file-manager endpoints to trusted users only, and monitor for suspicious activity involving session IDs.

Useful 0 Not Useful 0

Compliance Impact

CVE-2026-45743 allows an authenticated attacker to access and manipulate another user's SSH session, leading to unauthorized read, write, delete, download, and execution of files on the victim's connected SSH host.

This unauthorized access and manipulation of sensitive data can lead to breaches of confidentiality and integrity, which are critical requirements under common standards and regulations such as GDPR and HIPAA.

Specifically, the exposure and potential alteration of sensitive files could result in non-compliance with data protection and privacy obligations mandated by these regulations.

Useful 0 Not Useful 0