NIX Solutions: DeepSeek Security Flaw Exposed

Experts from the American IT startup Wiz, which specializes in cloud security solutions, analyzed the Chinese platform DeepSeek for vulnerabilities. During their research, they discovered an open database containing 976,000 log entries, including confidential user information. The database was found completely unprotected and accessible without authentication.


Critical Security Oversight

While testing the platform, researchers encountered two open ports (8123 and 9000) that led to an unprotected database. Because no password was required, the database could be queried with plain text commands. After a few queries, they extracted a log file named log_stream, which contained nearly a million records. The most sensitive data fields included:

  • timestamp – logs dating back to January 6, 2025, with session times.
  • string.values – text logs containing chat history, API keys, server details, and metadata.
  • _source – data on the origin of log requests, revealing directory structures and chatbot logs.

According to Wiz experts, this security lapse could have allowed attackers to obtain confidential user data, including chat messages in plain text. Additionally, they could have stolen passwords and local files from company servers. However, it remains unclear whether the exposed data was linked to specific user accounts or anonymized records.
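A defender-side check for the condition described above, added here as an example that is not from Wiz or the original article: it parses `ss -tln` output and a `users.xml` file to flag listeners on ports 8123/9000 that are reachable off-host and accounts with an empty password. The ports match ClickHouse's defaults, so the example assumes a ClickHouse-style `users.xml`; the function names and sample inputs are constructed for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Ports named in the article; they match ClickHouse's default HTTP/native ports.
DB_PORTS = {8123, 9000}

def exposed_listeners(ss_output):
    """Return (address, port) for watched ports bound to a non-loopback address."""
    found = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue  # header or non-listening socket
        addr, _, port = fields[3].rpartition(":")
        if not port.isdigit() or int(port) not in DB_PORTS:
            continue
        addr = addr.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface
        # "*", "0.0.0.0" and "::" bind every interface, so they count as exposed.
        if addr in ("*", "0.0.0.0", "::") or not ipaddress.ip_address(addr).is_loopback:
            found.append((addr, int(port)))
    return found

def passwordless_users(users_xml):
    """Return users with no non-empty password or password-hash element.
    Other authentication methods (LDAP, Kerberos, ...) are not modelled here."""
    weak = []
    for user in ET.fromstring(users_xml).findall("./users/*"):
        hashed = any(user.findtext(tag) for tag in
                     ("password_sha256_hex", "password_double_sha1_hex"))
        if not hashed and not (user.findtext("password") or "").strip():
            weak.append(user.tag)
    return weak

# Constructed sample inputs for illustration; not data from the incident.
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      4096         0.0.0.0:8123      0.0.0.0:*
LISTEN 0      4096       127.0.0.1:9000      0.0.0.0:*
LISTEN 0      4096            [::]:9000         [::]:*
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
"""
SAMPLE_USERS = """<clickhouse><users>
  <default><password></password><networks><ip>::/0</ip></networks></default>
  <reporting><password_sha256_hex>PLACEHOLDER_HASH</password_sha256_hex></reporting>
</users></clickhouse>"""

if __name__ == "__main__":
    print("exposed listeners:", exposed_listeners(SAMPLE_SS))
    print("passwordless users:", passwordless_users(SAMPLE_USERS))
```

A private address such as 10.0.0.5 is still reported, because anything other than loopback is reachable from another host.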

At the time of writing, the DeepSeek vulnerability had already been fixed, notes NIX Solutions. However, the platform’s developers have not released an official statement regarding the issue. The extent of potential data leaks remains unknown; we’ll keep you updated as more information emerges.