CVE-2026-57952
MediumCVSS 5.3Exploitation Probability (EPSS)
Low risk7th percentile — higher than 7% of all known CVEs
Summary
Mythic before version 3.4.0.60 contains an authorization bypass vulnerability in four REST endpoints (c2profile_config_check_webhook, c2profile_redirect_rules_webhook, c2profile_get_ioc_webhook, c2profile_sample_message_webhook) that fail to verify payload ownership. An operator in one operation can invoke these endpoints with a known payload UUID from another operation to access that operation's C2 profile configuration including encryption keys and callback parameters.
Risk Assessment
The risk involves unauthorized access to sensitive C2 configuration data, such as encryption keys and callback parameters, which could lead to operation compromise and leakage of confidential information.
Recommendation
It is recommended to immediately upgrade Mythic to version 3.4.0.60 or later, which fixes this vulnerability. Additionally, review access logs for the mentioned endpoints for any suspicious activity.
Original NVD description (English source)
Mythic before 3.4.0.60 contains an authorization bypass vulnerability in four REST endpoints (c2profile_config_check_webhook, c2profile_redirect_rules_webhook, c2profile_get_ioc_webhook, c2profile_sample_message_webhook) that fail to verify payload ownership. An operator in one operation can invoke these endpoints with a known payload UUID from another operation to access that operation's C2 profile configuration including encryption keys and callback parameters.

