CVE-2026-55500

decolua · 9router

The 9Router /api/settings/database endpoint allows unauthorized database export and import due to insufficient authentication checks.

Executive summary

A critical authentication bypass in decolua 9Router allows unauthorized actors to fully export or overwrite the application database, leading to potential credential and token theft.

Vulnerability

The /api/settings/database endpoint fails to properly validate authentication for database operations. While the middleware checks for tokens, the implementation is insufficient, allowing authenticated users to perform unauthorized full database exports or imports.

Business impact

The exposure of the entire database, including API keys, OAuth tokens, and sensitive credentials, poses an existential threat to the security of the infrastructure managed by 9Router. A CVSS score of 9.9 confirms the catastrophic potential of this vulnerability, as it allows for full data exfiltration and persistent system manipulation.

Remediation

Immediate Action: Update to version 0.4.80 or later to implement the corrected authentication middleware.

Proactive Monitoring: Audit database access logs for unauthorized export or modification requests occurring outside of standard administrative workflows.

Compensating Controls: Restrict network access to the /api/settings/database endpoint via a Web Application Firewall (WAF) or internal network segmentation.

Exploitation status

Public Exploit Available: false

Analyst recommendation

This vulnerability is of the highest severity and requires urgent attention. Administrators must verify that the update to 0.4.80 is applied immediately to prevent the leakage of sensitive credentials and the total takeover of the routing infrastructure.