CVE-2026-55500
decolua · 9router
The 9Router /api/settings/database endpoint allows unauthorized database export and import due to insufficient authentication checks.
Executive summary
A critical authentication bypass in decolua 9Router allows unauthorized actors to fully export or overwrite the application database, leading to potential credential and token theft.
Vulnerability
The /api/settings/database endpoint fails to properly validate authentication for database operations. While the middleware checks for tokens, the implementation is insufficient, allowing authenticated users to perform unauthorized full database exports or imports.
Business impact
The exposure of the entire database, including API keys, OAuth tokens, and sensitive credentials, poses an existential threat to the security of the infrastructure managed by 9Router. A CVSS score of 9.9 confirms the catastrophic potential of this vulnerability, as it allows for full data exfiltration and persistent system manipulation.
Remediation
Immediate Action: Update to version 0.4.80 or later to implement the corrected authentication middleware.
Proactive Monitoring: Audit database access logs for unauthorized export or modification requests occurring outside of standard administrative workflows.
Compensating Controls: Restrict network access to the /api/settings/database endpoint via a Web Application Firewall (WAF) or internal network segmentation.
Exploitation status
Public Exploit Available: false
Analyst recommendation
This vulnerability is of the highest severity and requires urgent attention. Administrators must verify that the update to 0.4.80 is applied immediately to prevent the leakage of sensitive credentials and the total takeover of the routing infrastructure.