CVE-2025-58386
Terminalfour · Terminalfour
Terminalfour 8 fails to perform server-side authorization checks on the userLevel parameter, allowing authenticated Power Users to escalate privileges to Administrator.
Executive summary
An authorization bypass in Terminalfour allows authenticated Power Users to escalate their privileges to Administrator, granting full system control.
Vulnerability
This is an insecure direct object reference and authorization bypass vulnerability. An authenticated Power User can intercept requests to the user management function and modify the userLevel parameter to escalate their own account or other existing accounts to Administrator status.
Business impact
With a CVSS score of 9.8, this vulnerability poses an extreme risk to the integrity and confidentiality of the web content management system. An attacker with Administrator rights can modify site content, access sensitive backend data, or compromise the entire server environment, leading to significant reputational and operational damage.
Remediation
Immediate Action: Upgrade Terminalfour to the latest available version that addresses these server-side authorization flaws.
Proactive Monitoring: Audit user account management logs for any suspicious modifications to user roles or unauthorized password changes.
Compensating Controls: Implement an application-layer firewall to inspect and validate user management requests, blocking requests that attempt to modify unauthorized parameters.
Exploitation status
Public Exploit Available: false
Analyst recommendation
Organizations utilizing Terminalfour must prioritize this update, as it allows for trivial privilege escalation by internal users. Immediate auditing of current administrative roles is recommended to identify any accounts that may have been maliciously elevated prior to patching.