CVE-2026-31309
HIGHMysterium Node < 1.36.0 - Unauthenticated Configuration Overwrite and Node Takeover via /tequilapi/config/user Endpoint
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2026-31309. PoCs published by Sch8ill.
AI-analyzed exploit summary The repository describes a broken access control vulnerability in Mysterium Node's `/tequilapi/config/user` endpoint, allowing unauthenticated attackers to overwrite node configuration via a crafted POST request. However, it lacks a functional PoC (e.g., `config.json` template or exploit code) and only provides a basic `curl` command skeleton.
Description
Improper authorization in the /tequilapi/config/user endpoint of Mysterium Node before v1.36.0 allows unauthenticated attackers to arbitrarily overwrite the node's configuration and achieve a full node takeover via supplying a crafted POST request.
Exploits (1)
The repository describes a broken access control vulnerability in Mysterium Node's `/tequilapi/config/user` endpoint, allowing unauthenticated attackers to overwrite node configuration via a crafted POST request. However, it lacks a functional PoC (e.g., `config.json` template or exploit code) and only provides a basic `curl` command skeleton.
References (7)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N