CVE-2020-23256
Description
Electerm 1.3.22 lacks permission checks on its internal service, allowing remote attackers to execute arbitrary commands via unverified requests.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Electerm 1.3.22 contains a critical security vulnerability where the application fails to verify the origin of requests made to its internal service. This allows an attacker to send unauthenticated requests that can execute arbitrary commands on the host system [1][3][4]. The root cause is the absence of permission checks on the service endpoint, which trusts any incoming request without validation.
To exploit this vulnerability, an attacker must lure a user who has Electerm running to visit a malicious website. The malicious site can then send crafted requests to Electerm's internal service, triggering command execution without any user interaction beyond keeping the application open [4]. No authentication or special network position is required; the attack works across all supported operating systems.
Successful exploitation grants the attacker arbitrary code execution with the privileges of the Electerm process. This can lead to full system compromise, including data theft, installation of malware, or further lateral movement within the network [3]. The vulnerability is rated as critical severity.
Users should update Electerm to a version later than 1.3.22, as the advisory indicates that versions up to and including 1.3.22 are affected [3]. No official workaround has been provided, but generating a random token for service invocation at startup has been suggested as a mitigation [4].
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| electerm (npm) | <= 1.3.22 | — |
Affected products (2)
Patches (0)
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References (3)
- github.com/advisories/GHSA-x73w-g8hx-v7rp (GHSA, advisory)
- nvd.nist.gov/vuln/detail/CVE-2020-23256 (GHSA, advisory)
- github.com/electerm/electerm/issues/1686 (GHSA, web)
News mentions (0)
No linked articles in our index yet.