CVE-2026-46339
9Router is an AI router & token saver. From 0.4.30 until 0.4.37, 9Router's src/proxy.js middleware did not protect /api/cli-tools/* and /api/mcp/*, allowing unauthenticated registration of customPlugins through src/app/api/cli-tools/cowork-settings/route.js and command execution through the MCP bridge. This vulnerability is fixed in 0.4.37.
View on NVDAnalysis
9Router presenta una vulnerabilidad crítica que permite a atacantes no autenticados registrar plugins personalizados y ejecutar comandos arbitrarios en el servidor a través de sus endpoints de API. El fallo reside en la falta de protección en el middleware de proxy, lo que facilita el compromiso total del sistema mediante inyección de comandos. Se recomienda actualizar inmediatamente a la versión 0.4.37 para corregir esta brecha de seguridad con impacto directo en entornos de producción.
Relevant roles
Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HCWE-78CWE-306EPSS
No EPSS score yet (CVE may be too fresh).
Technical description
9Router is an AI router & token saver. From 0.4.30 until 0.4.37, 9Router's src/proxy.js middleware did not protect /api/cli-tools/* and /api/mcp/*, allowing unauthenticated registration of customPlugins through src/app/api/cli-tools/cowork-settings/route.js and command execution through the MCP bridge. This vulnerability is fixed in 0.4.37.