CVE-2026-42454

Termix · Termix

Termix is vulnerable to OS command injection in its Docker management endpoints, leading to remote code execution.

Executive summary

An authenticated remote code execution vulnerability in Termix allows attackers to execute arbitrary OS commands on remote managed servers.

Vulnerability

The application fails to sanitize containerId parameters and WebSocket messages before passing them to shell commands, allowing an authenticated attacker to inject malicious commands.

Business impact

With a CVSS score of 9.9, this vulnerability grants an authenticated attacker the ability to achieve full remote code execution on all managed servers. This is a catastrophic risk that could lead to widespread system compromise across the entire infrastructure.

Remediation

Immediate Action: Update Termix to version 2.1.0 or later.

Proactive Monitoring: Monitor managed servers for unauthorized shell processes or unusual command execution patterns originating from Termix.

Compensating Controls: Implement strict command allow-lists and sanitize all inputs before they reach the shell execution layer in the Termix backend.
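
One way to apply the allow-list and input validation described above to both the containerId parameter and incoming WebSocket messages. This is an added example, not code from Termix; the function names, the message shape, the action list and the container-reference pattern are assumptions.

```javascript
// Added illustration; not taken from the Termix code base.
// Assumed container reference format: hex ID or Docker-style name,
// first character alphanumeric, capped at 128 characters (cap is arbitrary).
const CONTAINER_REF = /^[a-zA-Z0-9][a-zA-Z0-9_.-]{1,127}$/;

// Fixed allow-list: the client selects a key and never supplies command text.
const ACTIONS = new Map([
  ["start", "docker start"],
  ["stop", "docker stop"],
  ["restart", "docker restart"],
  ["logs", "docker logs --tail 200"],
]);

// POSIX single-quote quoting, kept as defense in depth behind validation.
function shQuote(arg) {
  return "'" + String(arg).replace(/'/g, "'\\''") + "'";
}

// Build the command line for one allow-listed action, or throw.
function buildDockerCommand(action, containerId) {
  const prefix = ACTIONS.get(action);
  if (prefix === undefined) throw new Error("action not allowed");
  if (typeof containerId !== "string" || !CONTAINER_REF.test(containerId)) {
    throw new Error("invalid container reference");
  }
  return `${prefix} ${shQuote(containerId)}`;
}

// Handle one WebSocket text frame (hypothetical shape: {"action","containerId"}).
// Returns {ok, command} or {ok:false, error}; rejected input never reaches a shell.
function handleMessage(raw) {
  try {
    const msg = JSON.parse(raw);
    if (msg === null || typeof msg !== "object") throw new Error("bad message");
    return { ok: true, command: buildDockerCommand(msg.action, msg.containerId) };
  } catch (err) {
    return { ok: false, error: err.message };
  }
}
```

Rejections returned by the handler are worth logging with the authenticated user, since repeated invalid container references from one account are a useful signal for the monitoring described above.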

Exploitation status

Public Exploit Available: No

Analyst recommendation

This is an extremely critical vulnerability that requires immediate remediation. Administrators should ensure that all instances of Termix are patched to prevent the risk of remote server compromise.