QuantumNous new-api is an AI asset management system and LLM gateway that, prior to version 0.11.4-alpha.2, contained a critical authorization bypass vulnerability classified as CWE-639 (Authorization Bypass Through User-Controlled Key). The vulnerability exists in the video proxy endpoint (`GET /v1/videos/:task_id/content`), where the function `model.GetByOnlyTaskId(taskID)` retrieves video content based solely on the task_id parameter without verifying the user_id ownership. This contrasts with other parts of the codebase that correctly enforce ownership by querying with both userId and taskID. As a result, any authenticated user can access video content and associated AI task data belonging to other users. Furthermore, the server may authenticate to upstream AI providers such as Google Gemini and OpenAI using credentials derived from tasks it does not own, potentially exposing sensitive API credentials or causing unauthorized actions. The vulnerability requires authentication but no user interaction and can be exploited remotely over the network. The issue was addressed in version 0.11.4-alpha.2 by adding the missing user ownership check in the task lookup function. No known exploits are currently reported in the wild. The CVSS v3.1 base score is 6.5, reflecting a medium severity due to high confidentiality impact but no integrity or availability impact.

The primary impact of this vulnerability is unauthorized disclosure of video content and AI task data belonging to other users within the QuantumNous new-api system. This can lead to leakage of sensitive or proprietary information, violating confidentiality. Additionally, because the server authenticates to upstream AI providers using credentials tied to other users' tasks, attackers may indirectly gain access to or misuse these external AI services, potentially causing data leakage or unauthorized AI operations. Organizations relying on QuantumNous new-api for managing AI assets and video content may face data privacy violations, regulatory compliance issues, and reputational damage. While the vulnerability does not affect data integrity or system availability, the exposure of sensitive content and credentials can have significant operational and legal consequences. The requirement for authentication limits exploitation to insiders or compromised accounts, but the ease of bypassing authorization checks makes it a serious concern for multi-tenant environments or shared platforms.

The primary mitigation is to upgrade QuantumNous new-api to version 0.11.4-alpha.2 or later, which contains the patch enforcing proper user ownership checks on task queries. Organizations should immediately apply this update to eliminate the authorization bypass. In addition, conduct a thorough audit of access control mechanisms across all API endpoints to ensure consistent enforcement of user ownership and authorization policies. Implement monitoring and alerting for unusual access patterns to video content or AI tasks that do not align with user roles or ownership. Consider employing API gateways or web application firewalls (WAFs) to add an additional layer of authorization validation. Review and rotate credentials used for upstream AI provider authentication to mitigate risks from any previously exposed credentials. Finally, educate developers on secure coding practices to avoid similar IDOR vulnerabilities, emphasizing the importance of verifying user context in all resource access functions.