What happened
9Router shipped with a static, publicly known fallback JWT signing secret used whenever an operator failed to set a custom one, allowing trivial forgery of authenticated session cookies.
Why it matters
Combined with 9Router's role as an AI/LLM traffic router, forged admin tokens grant full control over routed API keys, plugin configuration, and MCP bridge — a critical authentication bypass in widely-deployed AI gateway infrastructure.
Attack vector
9Router used a hardcoded fallback JWT secret ('9router-default-secret-change-me') across login, middleware, and dashboard session code, letting an attacker forge a valid auth_token cookie whenever the operator did not override the JWT secret, granting full authenticated access to the router's dashboard and APIs.
Affected systems
9Router 0.2.21 – 0.4.44
Mitigation
Upgrade past 0.4.44 and ensure a unique JWT secret is explicitly configured; rotate any tokens issued while the default secret was active.