CVE-2026-42452: CWE-304: Missing Critical Step in Authentication in Termix-SSH Termix
CVE-2026-42452 is a high-severity vulnerability in Termix versions prior to 2. 1. 0 that affects the two-factor authentication (2FA) process. The issue arises because the temporary JWT token issued during the login process for TOTP-enabled accounts is accepted by the authentication middleware on regular authenticated endpoints, effectively bypassing the second factor. This reduces the security of 2FA accounts to single-factor authentication using only the password. The vulnerability has been patched in Termix version 2. 1. 0.
AI Analysis
Technical Summary
Termix-SSH's web-based server management platform issues a temporary JWT token (temp_token) with a pendingTOTP state during login for TOTP-enabled accounts. This token should only be valid for completing the second-factor authentication step. However, in versions before 2.1.0, the authentication middleware incorrectly accepts this token on normal authenticated endpoints, allowing attackers to bypass the second factor and authenticate with only the password. This flaw is classified under CWE-304 (Missing Critical Step in Authentication) and has a CVSS 3.1 score of 8.1, indicating high severity. The issue is resolved in version 2.1.0.
Potential Impact
The vulnerability allows attackers to bypass the second factor of authentication for TOTP-enabled accounts, effectively reducing two-factor authentication to single-factor. This can lead to unauthorized access with high confidentiality and integrity impact, as attackers can authenticate without completing the second factor. Availability is not impacted. There are no known exploits in the wild at this time.
Mitigation Recommendations
This vulnerability has been patched in Termix version 2.1.0. Users should upgrade to version 2.1.0 or later to remediate this issue. No other official remediation or temporary fixes are documented. Patch status is not explicitly confirmed in the vendor advisory, but the description states the issue is fixed in version 2.1.0.
CVE-2026-42452: CWE-304: Missing Critical Step in Authentication in Termix-SSH Termix
Description
CVE-2026-42452 is a high-severity vulnerability in Termix versions prior to 2. 1. 0 that affects the two-factor authentication (2FA) process. The issue arises because the temporary JWT token issued during the login process for TOTP-enabled accounts is accepted by the authentication middleware on regular authenticated endpoints, effectively bypassing the second factor. This reduces the security of 2FA accounts to single-factor authentication using only the password. The vulnerability has been patched in Termix version 2. 1. 0.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Termix-SSH's web-based server management platform issues a temporary JWT token (temp_token) with a pendingTOTP state during login for TOTP-enabled accounts. This token should only be valid for completing the second-factor authentication step. However, in versions before 2.1.0, the authentication middleware incorrectly accepts this token on normal authenticated endpoints, allowing attackers to bypass the second factor and authenticate with only the password. This flaw is classified under CWE-304 (Missing Critical Step in Authentication) and has a CVSS 3.1 score of 8.1, indicating high severity. The issue is resolved in version 2.1.0.
Potential Impact
The vulnerability allows attackers to bypass the second factor of authentication for TOTP-enabled accounts, effectively reducing two-factor authentication to single-factor. This can lead to unauthorized access with high confidentiality and integrity impact, as attackers can authenticate without completing the second factor. Availability is not impacted. There are no known exploits in the wild at this time.
Mitigation Recommendations
This vulnerability has been patched in Termix version 2.1.0. Users should upgrade to version 2.1.0 or later to remediate this issue. No other official remediation or temporary fixes are documented. Patch status is not explicitly confirmed in the vendor advisory, but the description states the issue is fixed in version 2.1.0.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-04-27T13:55:58.693Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69fe6c74cbff5d86103b91c1
Added to database: 5/8/2026, 11:06:28 PM
Last enriched: 5/8/2026, 11:21:37 PM
Last updated: 5/9/2026, 1:22:48 AM
Views: 16
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.