CVE-2026-45749

HIGH EPSS 24.2%
Published Jun 5, 20263w ago · Modified Jun 17, 20261w ago
8.1 CVSS 3.1
High
Find Similar
Published Jun 5, 2026 3w ago
Last Modified Jun 17, 2026 1w ago

Description

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The `POST /users/totp/disable` and `POST /users/totp/backup-codes` endpoints in Termix prior to version 2.3.2 accept the account password as a sole authentication factor for MFA-critical operations. An attacker who obtains a user's password (phishing, credential stuffing, the passwordHash leak in GHSA-xxxx) can disable TOTP entirely or regenerate backup codes, without ever possessing the TOTP device or knowing a valid TOTP code. This renders two-factor authentication ineffective. Version 2.3.2 patches the issue.

CVSS Details

Base Score
8.1
Exploitability
2.8
Impact
5.2
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability None

Threat Intelligence

EPSS Exploit Probability
24.2% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-308

Affected Products 1

VendorProductVersionRange
termixtermix*≥2.1.0  –  <2.3.2

References 2

  • github.com https://github.com/Termix-SSH/Termix/releases/tag/release-2.3.2-tag
    ProductRelease Notes
  • github.com https://github.com/Termix-SSH/Termix/security/advisories/GHSA-wqfw-rqj7-fv9m
    ExploitMitigationVendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.