CVE-2025-58386

Terminalfour · Terminalfour

Terminalfour 8 fails to perform server-side authorization checks on the userLevel parameter, allowing authenticated Power Users to escalate privileges to Administrator.

Executive summary

An authorization bypass in Terminalfour allows authenticated Power Users to escalate their privileges to Administrator, granting full system control.

Vulnerability

This is an insecure direct object reference and authorization bypass vulnerability. An authenticated Power User can intercept requests to the user management function and modify the userLevel parameter to escalate their own account or other existing accounts to Administrator status.

Business impact

With a CVSS score of 9.8, this vulnerability poses an extreme risk to the integrity and confidentiality of the web content management system. An attacker with Administrator rights can modify site content, access sensitive backend data, or compromise the entire server environment, leading to significant reputational and operational damage.

Remediation

Immediate Action: Upgrade Terminalfour to the latest available version that addresses these server-side authorization flaws.

Proactive Monitoring: Audit user account management logs for any suspicious modifications to user roles or unauthorized password changes.

Compensating Controls: Implement an application-layer firewall to inspect and validate user management requests, blocking requests that attempt to modify unauthorized parameters.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Organizations utilizing Terminalfour must prioritize this update, as it allows for trivial privilege escalation by internal users. Immediate auditing of current administrative roles is recommended to identify any accounts that may have been maliciously elevated prior to patching.