CVE-2026-45353
HIGH WAF: Medium
CVSS 7.8
Published: 2026-05-28
CWE-94
electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. From 3.0.6 to 3.8.8, This vulnerability is fixed in 3.9.0.
WAF Coverage Analysis
Code Injection
Medium WAF Coverage
OWASP: A03:2021 Injection
932xxx - Remote Code Execution 933xxx - PHP Injection 934xxx - Node.js / Generic Injection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| electerm_project | electerm | 3.0.6 - 3.9.0 |
References
- github.com (Patch)
- github.com (Vendor Advisory, Patch)