Skip to main content

9Router CVE-2026-56675

| EUVDEUVD-2026-42932 HIGH
Improper Authentication (CWE-287)
2026-07-10 GitHub_M
8.3
CVSS 3.1 · Vendor: GitHub_M
Share

Severity by source

Vendor (GitHub_M) PRIMARY
8.3 HIGH
AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
vuln.today AI
8.3 HIGH

Unauthenticated remote HTTP (AV:N/PR:N/UI:N); scope change (S:C) because bypassing the guard exposes upstream provider credentials as a separate authority; low C/I/A reflecting enumeration and proxied-credential abuse rather than full compromise.

3.1 AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
4.0 AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:N

Primary rating from Vendor (GitHub_M).

CVSS VectorVendor: GitHub_M

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

2
Patch available
Jul 10, 2026 - 18:01 EUVD
Analysis Generated
Jul 10, 2026 - 16:55 vuln.today

DescriptionCVE.org

9Router is an AI router & token saver. Prior to 0.5.2, 9router treats loopback requests as trusted and allows /v1/* access without an API key, so a same-host reverse proxy that forwards public traffic to the backend through 127.0.0.1 causes src/dashboardGuard.js to misclassify external requests as local. A remote unauthenticated attacker can access /v1 APIs such as /v1/models and may abuse configured upstream provider credentials through /v1 proxy endpoints depending on enabled providers. This issue is fixed in version 0.5.2.

AnalysisAI

Authentication bypass in 9Router (decolua/9router) versions prior to 0.5.2 lets remote unauthenticated attackers reach protected /v1/* proxy APIs because src/dashboardGuard.js trusts any request arriving over loopback. When 9Router runs behind a same-host reverse proxy that forwards public traffic through 127.0.0.1 - the standard production deployment - external requests are misclassified as local, exposing /v1/models and enabling abuse of configured upstream AI provider credentials. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Identify 9Router behind localhost reverse proxy
Delivery
Send keyless /v1/models request
Exploit
Proxy forwards via 127.0.0.1
Execution
Guard misclassifies request as local
Persist
Access /v1 proxy endpoints unauthenticated
Impact
Abuse configured upstream provider credentials

Vulnerability AssessmentAI

Exploitation Requires that 9Router (before 0.5.2) is deployed behind a same-host reverse proxy which forwards public/internet traffic to the backend over 127.0.0.1 - that loopback-forwarding topology is the exact precondition that makes external requests appear local to src/dashboardGuard.js. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Signals are moderately aligned toward real risk but not critical urgency. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario 9Router runs on a server behind nginx, which proxies public HTTPS traffic to the backend on 127.0.0.1. An attacker on the internet simply sends GET /v1/models (and other /v1 proxy requests) with no API key; because the request arrives from the loopback proxy, dashboardGuard.js treats it as local and serves it, potentially letting the attacker route requests through the victim's configured upstream provider credentials. …
Remediation Vendor-released patch: version 0.5.2 - upgrade 9Router to 0.5.2 or later, which corrects the loopback-trust classification in src/dashboardGuard.js (fix commit da667836cc7584bea0edd893de1d590c9ea279dc; advisory GHSA-x5c9-v98j-722r). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Audit all 9Router deployments to identify affected versions (<0.5.2) and confirm deployment architecture (reverse proxy + loopback forwarding). …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-59801 CRITICAL POC
9.3 Jul 13

Unauthenticated CRUD on the provider-management API in 9Router (through 0.4.41) lets remote attackers with no credential

CVE-2026-5842 MEDIUM POC
5.5 Apr 09

Remote authorization bypass in decolua 9router up to version 0.3.47 allows unauthenticated network attackers to access t

CVE-2026-62327 CRITICAL
9.3 Jul 13

Unauthenticated API key disclosure in 9Router (npm package '9router' by decolua) through version 0.4.41 lets any remote

CVE-2026-62312 HIGH
8.8 Jul 15

Authenticated remote code execution in 9Router before 0.5.2 lets a logged-in attacker run arbitrary OS commands on the h

CVE-2026-62328 HIGH
8.7 Jul 13

Unauthenticated information disclosure in 9Router (decolua/9router) through version 0.4.41 lets remote attackers read ev

CVE-2026-56679 HIGH
8.7 Jul 15

Authentication bypass in 9Router (AI router & token saver) prior to 0.5.4 lets any authenticated user disable applicatio

CVE-2026-55638 HIGH
8.6 Jul 10

Authorization-gate bypass in 9Router (decolua/9router) before 0.5.2 lets a remote unauthenticated attacker reach protect

CVE-2026-55641 HIGH
8.2 Jul 10

Authentication bypass in 9Router (decolua/9router) before 0.5.2 lets a remote unauthenticated attacker forge a 'Host: lo

CVE-2026-56676 HIGH
7.4 Jul 10

Server-side request forgery via DNS rebinding in 9Router (decolua/9router) before 0.5.2 allows an authenticated LLM-prox

CVE-2026-56678 MEDIUM
6.4 Jul 15

Server-side request forgery (SSRF) in 9Router's Kiro API-key validation endpoint allows authenticated attackers to redir

CVE-2026-10269 MEDIUM
5.3 Jun 01

Improper authorization in decolua 9router through version 0.4.0 allows remote attackers with low privileges to bypass JW

Share

CVE-2026-56675 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy