A critical broken access control vulnerability exists in 9Router due to improper enforcement of authentication boundaries. While access control is applied to /dashboard routes via middleware, multiple sensitive /api/* endpoints lack server-side authentication and authorization checks.
deepcat1337/Free_Api_Exploit
Folders and files
| Name | Name | Last commit date | ||
|---|---|---|---|---|