Critical Termix Auth Bypass Exposes SSH Keys

A critical authentication bypass vulnerability has been found in the official Termix Docker image. The flaw allows unauthenticated attackers to access an internal API endpoint and retrieve sensitive SSH credentials, including host addresses, usernames, and passwords. This issue is caused by a misconfiguration in the Nginx reverse proxy, which makes the application treat all incoming requests as local. Attackers can easily exploit this by sending a simple GET request to the vulnerable endpoint on any exposed Termix instance. Users are urged to upgrade to the patched version immediately and rotate any potentially exposed SSH credentials.

Latest mentioned: 10-02

Earliest mentioned: 10-02

Sources

securityonline.info gbhackers.com

Also Read

Renault Data Breach: Supplier Hack Exposes Owners' Info

A major automaker is notifying customers of a data breach that occurred after a third-party supplier was hacked. The incident exposed personal details such as names, contact information, and vehicle identification numbers, although no financial data was compromised. The company has clarified that its own internal systems were not breached and that the security flaw at the vendor has been contained. Customers are being advised to remain vigilant for potential phishing attacks that could leverage their stolen information. This breach underscores a rising trend of cyberattacks targeting the automotive sector's supply chain to access valuable customer data.

10-03Read more →