GHSA-vjc7-jrh9-9j86: 9router has unauthenticated CRUD on /api/providers and Full API Key Leak via /api/usage/stats
title: Unauthenticated CRUD on /api/providers and Full API Key Leak via /api/usage/stats
product: 9Router
version: <= 0.4.41
severity: critical
cve_request: true
Summary
Multiple critical API security vulnerabilities were discovered in 9Router's Next.js dashboard. The /api/providers endpoints lack authentication entirely, allowing anyone to create, read, update, and delete provider connections. Additionally, /api/usage/stats exposes full plaintext API keys, and /api/usage/request-logs + /api/usage/request-details expose all users' request history and full conversation contents (including system prompts, user messages, assistant responses) without authentication.
Affected Endpoints
| Endpoint | Method | Issue |
|---|---|---|
| /api/providers | GET | Lists all provider connections with partial credentials, OAuth tokens, account IDs |
| /api/providers/:id | GET | Read any single provider detail (IDOR) |
| /api/providers | POST | Create arbitrary provider connections with attacker-controlled API keys |
| /api/providers/:id | PUT | Modify any existing provider connection |
| /api/providers/:id | DELETE | Delete any provider connection |
| /api/usage/stats | GET | Exposes full plaintext API keys, per-account usage breakdown, cost data |
| /api/usage/request-logs | GET | Exposes all users' request logs (model, tokens, cost, timestamp, provider) |
| /api/usage/request-details/:id | GET | Exposes full conversation turns including system prompts, user messages, assistant responses |
| /api/version | GET | Exposes current version info |
| /api/models | GET | Exposes full model routing catalog |
| /api/v1/models | GET | Exposes model list |
Impact
Critical: Provider CRUD without authentication
An attacker can:
1. Add a malicious provider — inject a provider that proxies through their server, capturing all prompts, responses, and API keys routed through 9Router
2. Modify existing providers — replace API keys with attacker-controlled ones, redirect traffic
3. Delete all pr
Details
Original advisory: https://github.com/advisories/GHSA-vjc7-jrh9-9j86
More from GitHub Security Advisories
- criticalGHSA-g936-7jqj-mwv8: TSDProxy: Internal proxy auth token forwarded to backend services enables management API …2026-07-10
- highGHSA-fpg8-7664-jc5q: melange: Incomplete package integrity verification allows data section substitution2026-07-10
- mediumGHSA-48rx-c7pg-q66r: Excon does not redact additional sensitive/risky headers when following redirects2026-07-10
- highGHSA-h4g2-xfmw-q2c9: Clauster: Non-loopback deployments can serve the dashboard unauthenticated when auth.enab…2026-07-10
- mediumGHSA-rqq5-2gf9-4w4q: Secure Headers: CSP directive injection via sandbox, plugin_types, and report_to when giv…2026-07-10