PT-2026-47020 · Termix Ssh · Termix
Published: 2026-06-05 · Updated: 2026-06-05 · CVE-2026-45748
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The POST /ssh/tunnel/connect endpoint in Termix prior to version 2.3.2 builds an SSH tunnel command by interpolating user-controlled host record fields (endpointIP, endpointUsername, password) directly into a shell command without escaping, allowing persistent OS command injection on the source SSH host. Version 2.3.2 patches the issue.
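The pattern described above, shown next to a validated and quoted form, as an added JavaScript example (not Termix source code or the 2.3.2 patch). Only the field names come from the advisory; the `sshpass`/`ssh -N -L` command layout, the port forward, the allowlist patterns and the function names are assumptions.

```javascript
// Added example, not Termix source. Field names (endpointIP, endpointUsername,
// password) come from the advisory; the sshpass/ssh command layout, the port
// forward and all function names are assumptions made for illustration.

// Pattern the advisory describes: host record fields pasted into a shell string.
function buildTunnelCommandUnsafe(rec) {
  return `sshpass -p ${rec.password} ssh -N -L 8080:localhost:80 ` +
    `${rec.endpointUsername}@${rec.endpointIP}`;
}

// POSIX sh quoting: wrap in single quotes, rewrite each ' as '\''.
function shQuote(value) {
  return "'" + String(value).replace(/'/g, "'\\''") + "'";
}

// Allowlists: hostname / IPv4 / IPv6 characters, and a conservative login name.
const HOST_RE = /^[A-Za-z0-9][A-Za-z0-9.:-]{0,253}$/;
const USER_RE = /^[A-Za-z_][A-Za-z0-9_-]{0,31}$/;

// Hardened form: validate the structured fields, quote everything that is emitted.
function buildTunnelCommandSafe(rec) {
  if (!HOST_RE.test(rec.endpointIP)) throw new Error("invalid endpointIP");
  if (!USER_RE.test(rec.endpointUsername)) throw new Error("invalid endpointUsername");
  if (typeof rec.password !== "string" || /[\0\r\n]/.test(rec.password)) {
    throw new Error("invalid password");
  }
  return [
    "sshpass", "-p", shQuote(rec.password),
    "ssh", "-N", "-L", "8080:localhost:80",
    shQuote(`${rec.endpointUsername}@${rec.endpointIP}`),
  ].join(" ");
}

// Constructed host record (not real data).
const stored = { endpointIP: "10.0.0.5", endpointUsername: "ops",
                 password: "pass; echo INJECTED" };
// Unsafe: the shell parses "; echo INJECTED ..." as a second command.
console.log(buildTunnelCommandUnsafe(stored));
// Safe: the password stays a single quoted argument.
console.log(buildTunnelCommandSafe(stored));
```

The quoting targets the shell that parses the string on the source SSH host, while the allowlists reject values that `ssh` itself could still misread, such as a destination beginning with `-`.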
OS Command Injection
Weakness Enumeration
Related Identifiers
Affected Products
Termix