| Название | 9Router Router 0.3.47-0.3.32 Authorization Bypass |
|---|
| Описание | Missing Authentication on Administrative API Endpoints Leads to Full System Compromise in 9Router
9Router applies its login boundary to `/dashboard` routes but does not enforce equivalent server-side authentication on multiple sensitive `/api/*` handlers. As a result, an unauthenticated remote attacker can directly call administrative API routes to export the full local database, list and mint API keys, retrieve provider secrets, modify application settings, trigger server-side requests to attacker-chosen destinations, and stop the service.
This is a broad administrative API exposure issue with multiple concrete impacts, all reachable without a valid session token.
Exploit_Poc_Repo = https://github.com/deepcat1337/Free_Api_Exploit/tree/main |
|---|
| Источник | ⚠️ https://github.com/decolua/9router/issues/431 |
|---|
| Пользователь | cyberthoth (UID 28322) |
|---|
| Представление | 26.03.2026 12:05 (20 дни назад) |
|---|
| Модерация | 08.04.2026 19:43 (13 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 356298 [decolua 9router до 0.3.47 Administrative API Endpoint /api эскалация привилегий] |
|---|
| Баллы | 20 |
|---|