{"uuid": "64cc899d-86b3-4ea1-9b3d-c7697f38e2b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "GHSA-vjc7-jrh9-9j86", "type": "seen", "source": "https://gist.github.com/alon710/6a50137ec82734dd8b73a28b2639fdfa", "content": "# GHSA-VJC7-JRH9-9J86: Unauthenticated CRUD and Sensitive Data Exposure in 9Router API Endpoints\n\n&gt; **CVSS Score:** 10.0\n&gt; **Published:** 2026-07-06\n&gt; **Full Report:** https://cvereports.com/reports/GHSA-VJC7-JRH9-9J86\n\n## Summary\nAn access control deficiency in the 9Router dashboard allows unauthenticated remote attackers to perform full CRUD operations on integrated AI providers, extract plaintext API keys, and access complete system conversation histories.\n\n## TL;DR\nUnauthenticated API endpoints in 9Router expose sensitive API keys, allow unauthorized configuration changes, and leak multi-turn conversation transcripts.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-306, CWE-200, CWE-862\n- **Attack Vector**: Network\n- **CVSS Score**: 10.0\n- **Impact**: Total Access Control Bypass, Credential Harvest, Traffic Hijacking\n- **Exploit Status**: Proof of Concept available\n\n## Affected Systems\n\n- 9Router Dashboard Deployments\n- **9router**: &lt;= 0.4.41 (Fixed in: `0.4.45`)\n\n## Mitigation\n\n- Deploy software updates beyond version 0.4.41 to secure administrative API routes.\n- Revoke and rotate all third-party API credentials entered into the dashboard.\n- Establish network-level boundaries (such as a VPN or private subnet) to prevent external access to the analytical dashboard interfaces.\n\n**Remediation Steps:**\n1. Update 9Router dependencies and deployment instances to version 0.4.45 or newer.\n2. Access the developer consoles of all connected providers (OpenAI, Anthropic, etc.) to cancel current keys and issue replacements.\n3. Implement Next.js middleware handlers to intercept and drop unauthorized traffic hitting the '/api' routing boundaries.\n\n## References\n\n- [GHSA-VJC7-JRH9-9J86 on GitHub Advisory Database](https://github.com/advisories/GHSA-VJC7-JRH9-9J86)\n- [Vendor Security Advisory](https://github.com/decolua/9router/security/advisories/GHSA-vjc7-jrh9-9j86)\n- [9Router GitHub Project Repository](https://github.com/decolua/9router)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/GHSA-VJC7-JRH9-9J86) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-07-07T02:42:04.700933Z"}