### Critical Vulnerability Information

#### Vulnerability Overview

- **Title**: Unauthenticated Access to RESTful API on Metrics Port (9091) Leads to Critical System Compromise
- **Severity**: Critical (9.8/10)
- **CVE ID**: CVE-2026-26190
- **Affected Versions**:
  - >= 2.6.0, < 2.6.10
- **Fixed Versions**:
  - 2.5.27
  - 2.6.10

#### Vulnerability Details

##### Vulnerability 1: Weak Default Authentication on `/expr` Endpoint

- **Issue**: The `/expr` endpoint on port 9091 accepts an `auth` parameter, which defaults to `by-dev` for authentication. This value is predictable and widely known.
- **Impact**:
  - Exposure of sensitive configuration or credentials, such as MinIO keys and etcd credentials.
  - Denial of service, including the ability to shut down proxy services.
  - Arbitrary file write, potentially leading to remote code execution.

##### Vulnerability 2: Unauthenticated REST API on Metrics Port

- **Issue**: HTTP handlers for business logic are registered on the metrics/management HTTP server. The `registerHTTPServer()` function in `internal/distributed/proxy/service.go` (line 170) exposes these endpoints on port 9091 without enforcing any authentication, so an attacker can perform business operations without credentials.
- **Impact**:
  - Create, list, and delete collections.
  - Insert and query data.
  - Manage user credentials and passwords.

#### Proof of Concept (PoC)

The screenshot includes a Python script example that can be used to exploit both the `/expr` endpoint vulnerability and the unauthenticated REST API vulnerability.

#### Internet Exposure

A large number of publicly exposed Milvus instances can be discovered via internet-wide scanning using the pattern `http.body="404 page not found" && port="9091"`. This indicates that the vulnerability may be exploited in real production environments.

#### Impact

- Leakage of credentials and secrets.
- Manipulation of all data.
- Management of user accounts.
- Denial of service.
- Arbitrary file write, potentially leading to remote code execution.

#### Mitigation and Remediation

- Remove or disable the `/expr` endpoint.
- Avoid registering business API routes on the metrics port.
- Bind port 9091 to localhost by default.
- Enforce authentication on all API endpoints.

#### User Mitigation Steps

- Use firewall rules to block external access to port 9091.
- Change the default value of `etcd.rootPath` if not yet patched.

#### Acknowledgments

This vulnerability was discovered and responsibly reported by YingLin Xie. Independent reporters of this vulnerability also include 0x1 and zznQ.
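The advisory's user mitigation steps restrict network reachability of port 9091 but leave operators without a way to tell whether the `/expr` default credential or the metrics-port business endpoints were already reached from outside. The following detection script is an added example, not code from the advisory or from the Milvus project: it scans access-log lines for the metrics port and flags two conditions the advisory describes, a request to `/expr` carrying the default `auth=by-dev` value, and any request to a business endpoint from a non-loopback source. The log format, the sample log lines (TEST-NET addresses), and the `/api/` prefix used to represent the unauthenticated REST routes are all constructed assumptions; only `/expr` and `by-dev` come from the advisory. Adapt the regex and prefixes to the reverse proxy or access log actually in front of the instance.

```python
import re
from dataclasses import dataclass
from ipaddress import ip_address
from urllib.parse import parse_qs, urlsplit

# Assumed log format (constructed for this example, not Milvus's own):
#   <iso-time> <client-ip> "<METHOD> <request-target> HTTP/<ver>" <status>
LOG_RE = re.compile(
    r'^(?P<ts>\S+) (?P<ip>\S+) "(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})$'
)

# Endpoint and default credential named in the advisory.
EXPR_PATH = "/expr"
DEFAULT_EXPR_AUTH = "by-dev"

# Path prefixes of business endpoints served on the metrics port.
# "/expr" is from the advisory; "/api/" is an assumed placeholder for the
# unauthenticated REST routes, which the advisory does not name individually.
BUSINESS_PREFIXES = ("/expr", "/api/")


@dataclass
class Finding:
    ts: str
    ip: str
    target: str
    reason: str


def is_loopback(ip_str):
    """True for 127.0.0.0/8 and ::1; unparsable addresses are treated as external."""
    try:
        return ip_address(ip_str).is_loopback
    except ValueError:
        return False


def analyze_line(line):
    """Return the findings for one access-log line (empty list if none or unparsable)."""
    m = LOG_RE.match(line.strip())
    if not m:
        return []
    ip, target = m["ip"], m["target"]
    parts = urlsplit(target)
    findings = []

    # Condition 1: the predictable default /expr credential was presented.
    if parts.path == EXPR_PATH:
        auth_values = parse_qs(parts.query).get("auth", [])
        if DEFAULT_EXPR_AUTH in auth_values:
            findings.append(Finding(m["ts"], ip, target, "default /expr auth value used"))

    # Condition 2: a business endpoint on the metrics port was reached from
    # outside the host, which the mitigation (bind to localhost / firewall) should prevent.
    if parts.path.startswith(BUSINESS_PREFIXES) and not is_loopback(ip):
        findings.append(Finding(m["ts"], ip, target,
                                "business endpoint on metrics port reached from non-loopback source"))
    return findings


def analyze_log(lines):
    """Run analyze_line over an iterable of log lines and collect all findings."""
    findings = []
    for line in lines:
        findings.extend(analyze_line(line))
    return findings


# Constructed sample log: one benign scrape, one external /expr probe with the
# default credential, one external REST call, one loopback /expr call, one garbage line.
SAMPLE_LOG = [
    '2026-02-01T10:00:01Z 127.0.0.1 "GET /metrics HTTP/1.1" 200',
    '2026-02-01T10:00:05Z 203.0.113.7 "GET /expr?auth=by-dev HTTP/1.1" 200',
    '2026-02-01T10:00:09Z 198.51.100.23 "POST /api/v1/collections HTTP/1.1" 200',
    '2026-02-01T10:00:12Z 127.0.0.1 "GET /expr?auth=by-dev HTTP/1.1" 200',
    "not a log line",
]

if __name__ == "__main__":
    for f in analyze_log(SAMPLE_LOG):
        print(f"{f.ts} {f.ip} {f.target}: {f.reason}")
```

The external `/expr` request produces two findings (default credential plus non-loopback source); the loopback `/expr` call still triggers the default-credential finding, since the weak `by-dev` value is a problem regardless of where the client sits. Run it over real logs with `analyze_log(open(path))`.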