Electerm Unvalidated Shell.openExternal Vulnerability Allowing Arbitrary Code Execution and Local File Access

Vulnerability

A vulnerability in Electerm's terminal hyperlink handler allows arbitrary code execution and local file access. In versions through 3.8.15, the hyperlink handler passes clicked URLs directly to shell.openExternal without validating the protocol. This flaw can be exploited by an attacker controlling terminal output, such as through a malicious SSH server or compromised remote host. The exploitation requires the victim to click a displayed link. At the time of publication, no patches are available.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution or unauthorized access to local files on the victim's machine.

Remediation

Until a patch is released, users should avoid clicking links in the terminal when connected to untrusted servers. It is also advisable to disable hyperlink rendering in Electerm's terminal settings, use a terminal multiplexer like tmux that filters URI schemes, or run Electerm in a restricted environment that limits protocol handler execution.

Added: May 8, 2026, 4:24 AM
Updated: May 8, 2026, 4:24 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 4.2
remediation: 8.3
relevance: 7.8
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.