Skip to main content

9Router CVE-2026-62327

CRITICAL
Missing Authentication for Critical Function (CWE-306)
2026-07-13 VulnCheck
9.3
CVSS 4.0 · Vendor: VulnCheck
Share

Severity by source

Vendor (VulnCheck) PRIMARY
9.3 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
7.5 HIGH

Unauthenticated network GET with no interaction (AV:N/AC:L/PR:N/UI:N) yields high confidentiality via plaintext key leak; the endpoint itself is read-only, so I:N/A:N for this specific disclosure.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (VulnCheck).

CVSS VectorVendor: VulnCheck

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

3
Source Code Evidence Fetched
Jul 13, 2026 - 22:11 vuln.today
Analysis Generated
Jul 13, 2026 - 22:11 vuln.today
CVE Published
Jul 13, 2026 - 21:37 cve.org
CRITICAL 9.3

DescriptionCVE.org

9Router through version 0.4.41 contain an unauthenticated information disclosure vulnerability that allows remote attackers to retrieve plaintext API keys for all connected AI provider accounts by sending a single unauthenticated request to the /api/usage/stats endpoint. Attackers can exploit the missing authentication middleware on the Next.js API route to obtain full API key strings alongside token counts, cost breakdowns, and request metadata, enabling unauthorized use of connected AI provider accounts, billing fraud, and quota exhaustion.

AnalysisAI

Unauthenticated API key disclosure in 9Router (npm package '9router' by decolua) through version 0.4.41 lets any remote attacker retrieve full plaintext API keys for every connected AI provider by issuing a single GET to the /api/usage/stats endpoint, which lacks authentication middleware. The same missing-auth flaw class extends to unauthenticated CRUD on /api/providers and exposure of full conversation histories, so an attacker can harvest credentials, hijack provider accounts, and commit billing fraud or quota exhaustion. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Discover exposed 9Router dashboard
Delivery
Send unauthenticated GET /api/usage/stats
Exploit
Receive plaintext provider API keys
Execution
Replay keys against AI providers
Impact
Billing fraud and quota exhaustion

Vulnerability AssessmentAI

Exploitation Exploitation requires only network reachability to a running 9Router instance (version <= 0.4.41) with its Next.js dashboard exposed; the specific prerequisite is HTTP access to the /api/usage/stats route, which ships with no authentication middleware. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Signals are strongly aligned toward high real-world severity for deployed instances: the CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N, VC:H/VI:H) describes trivial network-reachable, unauthenticated, no-interaction exploitation, and the flaw is a deterministic single-request read rather than a probabilistic memory-corruption bug, so exploitation is effectively guaranteed once an instance is reachable. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker scans for internet-exposed 9Router dashboards and sends a single unauthenticated GET to /api/usage/stats, receiving every connected provider's full 'sk-...' API key in the JSON response. They then replay those keys directly against the upstream AI providers to run inference on the victim's dime (billing fraud) and exhaust quotas, and optionally POST to /api/providers to insert an attacker-controlled proxy that captures future prompts and responses. …
Remediation No vendor-released patch identified at time of analysis (advisory states 'fixed in: None'), so upgrading is not currently an option; monitor the GitHub advisory GHSA-vjc7-jrh9-9j86 (https://github.com/decolua/9router/security/advisories/GHSA-vjc7-jrh9-9j86) and the VulnCheck advisory (https://www.vulncheck.com/advisories/9router-unauthenticated-api-key-exposure-via-api-usage-stats) for a fixed version. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, audit all 9router ≤0.4.41 deployments via npm dependency scanning, immediately revoke and rotate all AI provider API keys across all connected services, and isolate affected instances from production traffic. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-59801 CRITICAL POC
9.3 Jul 13

Unauthenticated CRUD on the provider-management API in 9Router (through 0.4.41) lets remote attackers with no credential

CVE-2026-5842 MEDIUM POC
5.5 Apr 09

Remote authorization bypass in decolua 9router up to version 0.3.47 allows unauthenticated network attackers to access t

CVE-2026-62312 HIGH
8.8 Jul 15

Authenticated remote code execution in 9Router before 0.5.2 lets a logged-in attacker run arbitrary OS commands on the h

CVE-2026-62328 HIGH
8.7 Jul 13

Unauthenticated information disclosure in 9Router (decolua/9router) through version 0.4.41 lets remote attackers read ev

CVE-2026-56679 HIGH
8.7 Jul 15

Authentication bypass in 9Router (AI router & token saver) prior to 0.5.4 lets any authenticated user disable applicatio

CVE-2026-55638 HIGH
8.6 Jul 10

Authorization-gate bypass in 9Router (decolua/9router) before 0.5.2 lets a remote unauthenticated attacker reach protect

CVE-2026-56675 HIGH
8.3 Jul 10

Authentication bypass in 9Router (decolua/9router) versions prior to 0.5.2 lets remote unauthenticated attackers reach p

CVE-2026-55641 HIGH
8.2 Jul 10

Authentication bypass in 9Router (decolua/9router) before 0.5.2 lets a remote unauthenticated attacker forge a 'Host: lo

CVE-2026-56676 HIGH
7.4 Jul 10

Server-side request forgery via DNS rebinding in 9Router (decolua/9router) before 0.5.2 allows an authenticated LLM-prox

CVE-2026-56678 MEDIUM
6.4 Jul 15

Server-side request forgery (SSRF) in 9Router's Kiro API-key validation endpoint allows authenticated attackers to redir

CVE-2026-10269 MEDIUM
5.3 Jun 01

Improper authorization in decolua 9router through version 0.4.0 allows remote attackers with low privileges to bypass JW

Share

CVE-2026-62327 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy