9Router
Improper authorization in decolua 9router through version 0.4.0 allows remote attackers with low privileges to bypass JWT authentication by manipulating the HTTP Host header, gaining unauthorized access to protected dashboard and API endpoints. The vulnerable isLocalRequest() function in dashboardGuard.js blindly trusted the client-supplied Host header to determine whether a request originated from localhost, enabling any network-reachable attacker to spoof local origin by sending Host: localhost. No public exploit code or CISA KEV listing exists at time of analysis; vendor-released patch v0.4.1 is available and confirmed.
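The trust pattern this advisory describes, shown as an added example that is not 9router's own code: a localhost check keyed on the client-supplied Host header beside a hardened variant keyed on the socket peer address, which a remote client cannot set in the request. The request object shape, the function names and the sample addresses are assumptions constructed for the illustration.

```javascript
// Added illustration, not code from the 9router project. Request objects are
// constructed inline with an assumed shape: { headers: { host }, socket: { remoteAddress } }.

const LOCAL_HOSTNAMES = new Set(['localhost', '127.0.0.1', '[::1]']);

// Vulnerable pattern (as described in the advisory): the decision rests on the
// Host header, which is entirely under the client's control. Any network peer
// can present "Host: localhost" and be treated as a local request.
function isLocalRequestByHost(req) {
  const raw = (req.headers && req.headers.host) || '';
  const hostname = raw.replace(/:\d+$/, ''); // drop a trailing ":port"
  return LOCAL_HOSTNAMES.has(hostname);
}

// Hardened pattern: decide on the transport-layer peer address recorded by the
// server socket. The HTTP client cannot influence this value. Note that behind
// a reverse proxy the peer is always the proxy, so this check must then be
// disabled rather than replaced by a trusted X-Forwarded-For lookup.
const LOOPBACK_ADDRESSES = new Set(['127.0.0.1', '::1', '::ffff:127.0.0.1']);

function isLocalRequestBySocket(req) {
  const addr = req.socket && req.socket.remoteAddress;
  return typeof addr === 'string' && LOOPBACK_ADDRESSES.has(addr);
}

// Helper to build a constructed request for the checks above.
function makeRequest(hostHeader, remoteAddress) {
  return { headers: { host: hostHeader }, socket: { remoteAddress } };
}

// Guard decision: a request that passes the local check skips JWT verification.
// Returns true when JWT verification would be skipped under the given check.
function skipsJwt(req, localCheck) {
  return localCheck(req) === true;
}

// Detection hint for defenders: a request whose Host header names localhost
// but whose peer address is not loopback is inconsistent and worth logging.
function isHostSpoofSuspect(req) {
  return isLocalRequestByHost(req) && !isLocalRequestBySocket(req);
}
```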
Remote authorization bypass in decolua 9router up to version 0.3.47 allows unauthenticated network attackers to access the Administrative API Endpoint (/api) without proper credentials, potentially exposing sensitive functionality. Public exploit code exists for this vulnerability, and a vendor-released patch, version 0.3.75, is available; this reduces real-world risk for patched deployments but makes updating urgent for unpatched instances given the active public disclosure.