Improper authorization in the /tequilapi/config/user endpoint of Mysterium Node before v1.36.0 allows unauthenticated attackers to arbitrarily overwrite the node's configuration and achieve a full node takeover via supplying a crafted POST request.
Metrics
Affected Vendors & Products
References
History
Thu, 09 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-862 | |
| Metrics |
cvssV3_1
|
Thu, 09 Jul 2026 04:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Unauthorized configuration overwrite via /tequilapi/config/user endpoint | |
| Weaknesses | CWE-284 |
Wed, 08 Jul 2026 22:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper authorization in the /tequilapi/config/user endpoint of Mysterium Node before v1.36.0 allows unauthenticated attackers to arbitrarily overwrite the node's configuration and achieve a full node takeover via supplying a crafted POST request. | |
| References |
|
|
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-07-09T14:31:28.157Z
Reserved: 2026-03-09T00:00:00.000Z
Link: CVE-2026-31309
Updated: 2026-07-09T14:31:10.556Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-09T04:30:13Z