CVE Catalog

CVE-2026-57952

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.17%

7th percentile — higher than 7% of all known CVEs

Summary

Mythic before version 3.4.0.60 contains an authorization bypass vulnerability in four REST endpoints (c2profile_config_check_webhook, c2profile_redirect_rules_webhook, c2profile_get_ioc_webhook, c2profile_sample_message_webhook) that fail to verify payload ownership. An operator in one operation can invoke these endpoints with a known payload UUID from another operation to access that operation's C2 profile configuration including encryption keys and callback parameters.

Risk Assessment

The risk involves unauthorized access to sensitive C2 configuration data, such as encryption keys and callback parameters, which could lead to operation compromise and leakage of confidential information.

Recommendation

It is recommended to immediately upgrade Mythic to version 3.4.0.60 or later, which fixes this vulnerability. Additionally, review access logs for the mentioned endpoints for any suspicious activity.

Original NVD description (English source)

Mythic before 3.4.0.60 contains an authorization bypass vulnerability in four REST endpoints (c2profile_config_check_webhook, c2profile_redirect_rules_webhook, c2profile_get_ioc_webhook, c2profile_sample_message_webhook) that fail to verify payload ownership. An operator in one operation can invoke these endpoints with a known payload UUID from another operation to access that operation's C2 profile configuration including encryption keys and callback parameters.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS