Submit #791089: serge-chat serge <= 3cb250c Missing Authentication for Critical Function (CWE-306)info

Titleserge-chat serge <= 3cb250c Missing Authentication for Critical Function (CWE-306)
Description# Technical Details A Missing Authentication vulnerability exists across all 6 endpoints in `api/src/serge/routers/model.py` of serge-chat/serge. The application correctly added authentication (`Depends(get_current_active_user)`) to `chat_router` in commit 8083360, but the entire `model_router` was never updated and remains fully unprotected. Any unauthenticated remote attacker can trigger model downloads, delete installed models, or cancel legitimate downloads. # Vulnerable Code File: api/src/serge/routers/model.py Method: download_model, delete_model (and all other model_router endpoints) Why: All 6 endpoints in model_router lack any `Depends(get_current_active_user)` dependency. Additionally, the download function sets an unlimited timeout (`aiohttp.ClientTimeout(total=None)` at line 149) and has no concurrent download guard, so repeated download calls orphan previous tasks and multiply disk/bandwidth consumption. # Reproduction 1. Enumerate all 63 available models (no auth needed): curl -s http://localhost:8008/api/model/all 2. Trigger a model download without authentication: curl -X POST http://localhost:8008/api/model/Zephyr-3B/download 3. Delete an installed model without authentication: curl -X DELETE http://localhost:8008/api/model/Zephyr-3B 4. Disk Exhaustion — trigger all 63 models simultaneously (~1.4TB total): for m in $(curl -s http://localhost:8008/api/model/all | python3 -c "import json,sys;[print(x['name'])for x in json.load(sys.stdin)]"); do curl -s -X POST "http://localhost:8008/api/model/$m/download" & done # Impact - Disk Exhaustion DoS: Attacker downloads all 63 models simultaneously (~1.4TB), filling the server disk and crashing the container. - Data Destruction: Attacker deletes any installed model via DELETE /api/model/{name}, causing immediate service disruption. Re-downloading takes hours. - Download Interference: Attacker cancels legitimate downloads initiated by authorized users. - Bandwidth Amplification: Repeated requests create N concurrent downloads, multiplying disk and bandwidth consumption.
Source⚠️ https://gist.github.com/YLChen-007/5fbc93a21f9928e91a72ab0d72fb1e88
User
 Eric-a (UID 96353)
Submission03/27/2026 13:13 (23 days ago)
Moderation04/19/2026 11:03 (23 days later)
StatusAccepted
VulDB entry358223 [serge-chat serge up to 1.4TB Model API Endpoint model.py download_model/delete_model missing authentication]
Points20

PreviousOverviewNext

Want to know what is going to be exploited?

We predict KEV entries!