VYPR
Medium severity (6.4) · NVD Advisory · Published May 29, 2026 · Updated May 29, 2026

CVE-2026-9557

Description

A Server-Side Request Forgery (SSRF) vulnerability exists in Mautic's Focus component. Due to insufficient validation of user-supplied URLs, an authenticated user can trigger outbound HTTP requests from the hosting server, enabling internal network reconnaissance or forcing requests to arbitrary internal or external destinations.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An SSRF vulnerability in Mautic's Focus component allows authenticated users to force the server to make outbound HTTP requests, enabling internal network reconnaissance.

Vulnerability

A Server-Side Request Forgery (SSRF) vulnerability exists in the Mautic Focus component (MauticFocusBundle). Due to insufficient validation of user-supplied URLs, an authenticated user can trigger outbound HTTP requests from the hosting server. This affects versions prior to 7.1.2, 6.0.9, 5.2.11, and 4.4.20 ELTS [1].

Exploitation

An attacker must have an authenticated session on the Mautic panel. By supplying a crafted URL in the Focus component, the attacker can force the server to initiate HTTP requests to arbitrary internal or external destinations. No additional privileges or user interaction beyond authentication are required [1].

Impact

Successful exploitation allows the attacker to perform internal port probing, map firewalled infrastructure, and conduct network reconnaissance. This can lead to information disclosure about internal services and potentially enable further attacks against internal systems [1].

Mitigation

This vulnerability is fixed in Mautic versions 7.1.2, 6.0.9, 5.2.11, and 4.4.20 ELTS. No official workarounds exist; however, restricting the Mautic web server's outbound network access, in particular blocking requests from it to internal-only subnets and local hosts, can reduce exposure [1].
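The fix the advisory describes is stricter validation of user-supplied URLs before the server fetches them. The following is an added illustration of what such a check looks like; it is not Mautic's patch or any code from the project, and the function names, the `CONSTRUCTED_DNS` table and every hostname and address in it are invented for this example. It rejects non-http(s) schemes, embedded credentials, literal or resolved addresses in private, loopback, link-local or otherwise non-routable space (unwrapping IPv4-mapped IPv6 first), and any hostname for which even one DNS record is non-public.

```python
import ipaddress
import socket
from urllib.parse import urlparse

# Schemes a content/landing-page URL field has any business using.
ALLOWED_SCHEMES = {"http", "https"}


def resolve_all(host):
    """Live resolver (hypothetical default): every address the name maps to,
    via getaddrinfo. Returns [] when the name does not resolve."""
    try:
        infos = socket.getaddrinfo(host, None)
    except socket.gaierror:
        return []
    return [ipaddress.ip_address(info[4][0]) for info in infos]


def is_public_address(ip):
    """True only for globally routable unicast addresses. IPv4-mapped IPv6
    (::ffff:10.0.0.5) is unwrapped first so it cannot smuggle a private IPv4."""
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    if (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified):
        return False
    return ip.is_global


def validate_outbound_url(url, resolver=resolve_all):
    """Return (ok, reason) for a user-supplied URL the server would fetch.
    Every resolved record is checked, not just the first, so a name that mixes
    a public and a loopback address is rejected."""
    parsed = urlparse(url)
    scheme = (parsed.scheme or "").lower()
    if scheme not in ALLOWED_SCHEMES:
        return False, f"scheme {scheme!r} not allowed"
    host = parsed.hostname
    if not host:
        return False, "missing host"
    if parsed.username is not None or parsed.password is not None:
        return False, "credentials in URL not allowed"
    try:
        addresses = [ipaddress.ip_address(host)]   # literal IPv4/IPv6 host
    except ValueError:
        addresses = resolver(host)                 # hostname: resolve it
    if not addresses:
        return False, f"{host!r} did not resolve"
    for ip in addresses:
        if not is_public_address(ip):
            return False, f"{host!r} maps to non-public address {ip}"
    return True, "ok"


# Constructed lookup table standing in for DNS so the example runs offline;
# names and addresses are invented for this demonstration.
CONSTRUCTED_DNS = {
    "www.example.com": [ipaddress.ip_address("93.184.216.34")],
    "intranet.internal": [ipaddress.ip_address("10.0.0.5")],
    # one public and one loopback record: must be rejected as a whole
    "rebind.example": [ipaddress.ip_address("93.184.216.34"),
                       ipaddress.ip_address("127.0.0.1")],
}


def constructed_resolver(host):
    return CONSTRUCTED_DNS.get(host, [])


def check(url):
    """Validate using the constructed resolver instead of live DNS."""
    return validate_outbound_url(url, resolver=constructed_resolver)


if __name__ == "__main__":
    for u in ["https://www.example.com/landing", "http://127.0.0.1:8080/",
              "http://[::ffff:10.0.0.5]/", "http://intranet.internal/",
              "http://rebind.example/", "file:///etc/passwd",
              "http://user:pw@www.example.com/"]:
        print(u, "->", check(u))
```

A validation-time check like this is necessary but not sufficient on its own: a name can resolve differently between validation and the actual fetch, and an HTTP redirect can point the client at an internal address after the check passed. In practice the resolved address should be pinned for the connection (or re-checked on every hop, with redirects disabled or re-validated), and the check should be paired with the egress filtering the advisory mentions so that a bypass still cannot reach internal subnets.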

AI Insight generated on May 29, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products (2)

  • Mautic/Mautic (inferred), 2 affected versions, no CPE available

Patches (0)

No patches discovered yet.

Vulnerability mechanics

No source-code context is available for this CVE; mechanics are only generated when the actual fix diff can be read. Without it, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References (1)

News mentions (0)

No linked articles in our index yet.