ray
cpe:2.3:a:ray_project:ray:*:*:*:*:*:*:*
- < 2.54.0
A vulnerability in Ray's dashboard HTTP server allows unauthenticated DELETE requests from browsers, which can be exploited to shut down Ray Serve applications or delete jobs. This issue is present in Ray versions prior to 2.54.0. The vulnerability arises because the server blocks POST and PUT requests from browsers but does not apply the same restriction to DELETE requests. Key DELETE endpoints can be accessed without authentication, creating a denial-of-service impact by disrupting active applications and job management.
Exploitation of this vulnerability leads to a denial-of-service condition by shutting down Ray Serve applications and deleting jobs, causing disruption in active workflows.
To reproduce this vulnerability, ensure that the Ray dashboard is accessible (e.g., by starting Ray with the '--dashboard-host=0.0.0.0' option) and that no token authentication is enabled. Once the dashboard is reachable, DELETE requests can be sent from a browser or through a web page that uses DNS rebinding to the vulnerable DELETE endpoints. The requests will succeed because the DELETE method is not blocked by the server's middleware, which only applies to POST and PUT requests.
Users can update to Ray version 2.54.0 or higher to address this vulnerability.
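The middleware gap the description points at, as an added example that is not Ray's own code: a browser-request filter that guards only POST and PUT lets a cross-site DELETE through, while the hardened policy treats every state-changing method the same way. It assumes a browser-initiated request is recognised by its Origin header and is accepted only when that origin matches the dashboard's own; the origins and API paths are constructed for the demonstration.

```python
# Added example, not code from the Ray project. Assumptions: a request that
# carries an Origin header is treated as browser-initiated (browsers attach
# one to cross-origin and non-GET requests); such a request is accepted only
# when the Origin equals the dashboard's own origin; no token auth is set up.
from dataclasses import dataclass, field

# Methods that change server state on a dashboard-style HTTP API.
STATE_CHANGING = frozenset({"POST", "PUT", "DELETE", "PATCH"})

# Policy the advisory describes for versions before 2.54.0: DELETE is missing.
VULNERABLE_POLICY = frozenset({"POST", "PUT"})
# Hardened policy: every state-changing method gets the same origin check.
HARDENED_POLICY = STATE_CHANGING


@dataclass
class Request:
    method: str
    path: str
    headers: dict = field(default_factory=dict)


def _header(req, name):
    """Case-insensitive header lookup."""
    return {k.lower(): v for k, v in req.headers.items()}.get(name.lower())


def is_browser_request(req):
    # Assumption: an Origin header marks a browser-initiated request.
    return _header(req, "Origin") is not None


def should_block(req, dashboard_origin, guarded_methods):
    """Return True when the middleware rejects the request.

    Only browser requests using a guarded method are subject to the check;
    they pass only if their Origin is the dashboard's own origin.
    """
    if req.method.upper() not in guarded_methods:
        return False
    if not is_browser_request(req):
        return False
    return _header(req, "Origin") != dashboard_origin


def simulate(policy):
    """Run a constructed request set through a policy; return what got through."""
    dashboard = "http://127.0.0.1:8265"   # constructed: the dashboard's own origin
    foreign = "http://foreign.example"    # constructed: a cross-site page's origin
    requests = [  # constructed paths, not Ray's real endpoints
        Request("POST", "/example/jobs", {"Origin": foreign}),
        Request("DELETE", "/example/jobs/1", {"Origin": foreign}),
        Request("DELETE", "/example/serve/apps", {"Origin": foreign}),
        Request("DELETE", "/example/jobs/1", {"Origin": dashboard}),  # legitimate UI
        Request("GET", "/example/jobs", {"Origin": foreign}),
    ]
    return [(r.method, r.path) for r in requests
            if not should_block(r, dashboard, policy)]


def foreign_writes_allowed(policy):
    """State-changing requests from a foreign origin that the policy let through."""
    allowed = simulate(policy)
    return [(m, p) for (m, p) in allowed
            if m in STATE_CHANGING and p != "/example/jobs/1" or (m, p) == ("DELETE", "/example/serve/apps")]


if __name__ == "__main__":
    print("vulnerable policy passes:", simulate(VULNERABLE_POLICY))
    print("hardened policy passes:  ", simulate(HARDENED_POLICY))
```

With the vulnerable policy the two foreign-origin DELETE requests reach the handlers, which is exactly the denial-of-service path the advisory describes; with the hardened policy only the same-origin DELETE from the dashboard's own UI and the read-only GET get through. Checking the method set is the cheap fix; pairing it with token authentication, which the advisory notes as absent in the vulnerable setup, removes the reliance on origin checks alone.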