CVE-2026-44425: CWE-20: Improper Input Validation in shellhub-io shellhub
ShellHub is a centralized SSH gateway. Prior to 0.24.2, the device list endpoint accepts user-controlled identifiers in the the name field of each filter property in the base64-encoded filter query parameter and the sort_by query parameter, which are then passed directly as BSON/SQL keys in the database layer without validation. Any authenticated user can craft payloads that cause the aggregation / query to fail and the API to return HTTP 500 with no body, with no rate limiting applied. This vulnerability is fixed in 0.24.2.
AI Analysis
Technical Summary
ShellHub versions before 0.24.2 have an input validation flaw in the device list endpoint where user-supplied identifiers in base64-encoded filter queries and sort_by parameters are used directly as BSON/SQL keys without validation. This can cause aggregation or query failures in the database layer, leading to HTTP 500 errors. The vulnerability requires authentication and does not have rate limiting, potentially allowing denial of service through crafted queries. The issue is addressed in version 0.24.2.
Potential Impact
An authenticated user can cause the device list API to fail by sending crafted filter or sort parameters, resulting in HTTP 500 errors and denial of service conditions. There is no impact on confidentiality or integrity reported. The vulnerability affects availability by causing API failures. No known exploits in the wild have been reported.
Mitigation Recommendations
Upgrade shellhub to version 0.24.2 or later where this vulnerability is fixed. Since no official patch link or remediation level is provided beyond the version fix, applying the update is the recommended action. There is no indication of temporary workarounds or vendor advisories stating no action is required.
CVE-2026-44425: CWE-20: Improper Input Validation in shellhub-io shellhub
Description
ShellHub is a centralized SSH gateway. Prior to 0.24.2, the device list endpoint accepts user-controlled identifiers in the the name field of each filter property in the base64-encoded filter query parameter and the sort_by query parameter, which are then passed directly as BSON/SQL keys in the database layer without validation. Any authenticated user can craft payloads that cause the aggregation / query to fail and the API to return HTTP 500 with no body, with no rate limiting applied. This vulnerability is fixed in 0.24.2.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
ShellHub versions before 0.24.2 have an input validation flaw in the device list endpoint where user-supplied identifiers in base64-encoded filter queries and sort_by parameters are used directly as BSON/SQL keys without validation. This can cause aggregation or query failures in the database layer, leading to HTTP 500 errors. The vulnerability requires authentication and does not have rate limiting, potentially allowing denial of service through crafted queries. The issue is addressed in version 0.24.2.
Potential Impact
An authenticated user can cause the device list API to fail by sending crafted filter or sort parameters, resulting in HTTP 500 errors and denial of service conditions. There is no impact on confidentiality or integrity reported. The vulnerability affects availability by causing API failures. No known exploits in the wild have been reported.
Mitigation Recommendations
Upgrade shellhub to version 0.24.2 or later where this vulnerability is fixed. Since no official patch link or remediation level is provided beyond the version fix, applying the update is the recommended action. There is no indication of temporary workarounds or vendor advisories stating no action is required.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-05-06T14:40:00.953Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a04f25dcbff5d8610127f4f
Added to database: 5/13/2026, 9:51:25 PM
Last enriched: 5/13/2026, 10:07:29 PM
Last updated: 5/14/2026, 6:48:20 AM
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.