Severity: high · ASVS V15.3.6

Exposed Ports

AI agents routinely spin up databases, caches, and dev servers bound to 0.0.0.0 — making them reachable from any network interface, not just localhost. This means anyone on your WiFi (or the internet, if you’re on a VPS) can access your database.

What it catches

  • MySQL listening on *:3306
  • Redis with no auth on *:6379
  • MongoDB exposed on *:27017
  • PostgreSQL on all interfaces
  • Dev servers bound to 0.0.0.0 (Next.js, Vite, Django, Flask)
  • Jupyter Notebooks on *:8888 (full code execution!)
  • Elasticsearch on *:9200 (full data access)

Why vibe coders should care

When your AI agent writes a docker-compose.yml or runs npm run dev, it often binds to 0.0.0.0 for convenience. This means:

  • Working from a coffee shop? Everyone on the WiFi can access your database.
  • Running on a VPS? The entire internet can connect to your Redis with no password.
  • Docker default ports? A ports: entry of "3306:3306" publishes the port on all interfaces.

Real impact:

  • “MongoDB ransomware” attacks targeted thousands of exposed MongoDB instances — attackers wiped data and demanded Bitcoin
  • Redis has no authentication by default — anyone who connects can read/write everything and even execute Lua scripts
  • Exposed Jupyter Notebooks = full remote code execution on your machine

Fix

Bind services to 127.0.0.1 in your Docker Compose or config files:

# ❌ Exposed to all interfaces
ports:
  - "3306:3306"

# ✅ Localhost only
ports:
  - "127.0.0.1:3306:3306"

The same applies to the listen call in application code:

// ❌ AI agents do this by default
app.listen(3000, '0.0.0.0');

// ✅ Bind to localhost
app.listen(3000, '127.0.0.1');

VibSec’s menu bar app also includes a live port monitor that continuously checks for exposed services on your machine and alerts you instantly.
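To show what such a port check has to do, here is an added example (not VibSec's code, and not its port monitor): a small Python script that parses the output of the Linux `ss -ltn` command, treats 0.0.0.0, *, :: and [::] as wildcard binds, and labels the ports from the list above. The port-to-service map is an assumption built from that list plus the usual defaults of the dev servers it names (Next.js/Express 3000, Vite 5173, Django 8000, Flask 5000); the sample `ss` output is constructed, not captured from a real host.

```python
"""Flag TCP listeners bound to every interface.

Added example, not VibSec's code: parses `ss -ltn` output (Linux) and
reports listeners whose local address is a wildcard.
"""
import subprocess
from dataclasses import dataclass

# Ports from the check's "What it catches" list plus assumed dev-server defaults.
KNOWN_SERVICES = {
    3306: "MySQL",
    6379: "Redis",
    27017: "MongoDB",
    5432: "PostgreSQL",
    8888: "Jupyter Notebook",
    9200: "Elasticsearch",
    3000: "Next.js/Express dev server",   # assumed default port
    5173: "Vite dev server",             # assumed default port
    8000: "Django dev server",           # assumed default port
    5000: "Flask dev server",            # assumed default port
}

# Address forms that mean "all interfaces" in ss output (IPv4 and IPv6).
WILDCARD_HOSTS = {"0.0.0.0", "*", "::", "[::]"}


@dataclass(frozen=True)
class Listener:
    host: str
    port: int

    @property
    def wildcard(self) -> bool:
        return self.host in WILDCARD_HOSTS

    @property
    def service(self) -> str:
        return KNOWN_SERVICES.get(self.port, "unknown service")


def split_local_address(local: str) -> Listener:
    """Split an ss 'Local Address:Port' field such as '0.0.0.0:3306',
    '*:6379' or '[::]:8888' into host and port (last colon wins, so
    bracketed IPv6 addresses stay intact)."""
    host, _, port = local.rpartition(":")
    return Listener(host=host, port=int(port))


def parse_ss_output(text: str) -> list[Listener]:
    """Return one Listener per LISTEN row; the header row is skipped
    because its first column is 'State', not 'LISTEN'."""
    listeners = []
    for line in text.splitlines():
        parts = line.split()
        # Columns for `ss -ltn`: State Recv-Q Send-Q Local:Port Peer:Port
        if len(parts) < 5 or parts[0] != "LISTEN":
            continue
        listeners.append(split_local_address(parts[3]))
    return listeners


def exposed_listeners(listeners: list[Listener]) -> list[Listener]:
    return [l for l in listeners if l.wildcard]


def report(text: str) -> list[str]:
    """Human-readable findings for every wildcard-bound listener."""
    return [
        f"{l.service} on {l.host}:{l.port} is reachable from every interface"
        for l in exposed_listeners(parse_ss_output(text))
    ]


def live_check() -> list[str]:
    """Run the check against the local machine (needs `ss`, i.e. Linux)."""
    out = subprocess.run(["ss", "-ltn"], capture_output=True, text=True, check=True).stdout
    return report(out)


# Constructed sample in the shape `ss -ltn` prints; not captured from a real host.
SAMPLE_SS_OUTPUT = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port  Process
LISTEN  0       128     127.0.0.1:5432       0.0.0.0:*
LISTEN  0       511     0.0.0.0:3306         0.0.0.0:*
LISTEN  0       511     *:6379               *:*
LISTEN  0       128     [::]:8888            [::]:*
LISTEN  0       128     [::1]:9200           [::]:*
"""

if __name__ == "__main__":
    for finding in report(SAMPLE_SS_OUTPUT):
        print(finding)
```

On the sample, PostgreSQL on 127.0.0.1 and Elasticsearch on [::1] are left alone, while MySQL, Redis and Jupyter are reported. Calling live_check() runs the same logic against the real socket table; an IPv6 wildcard ([::]) is flagged too, since a dual-stack socket bound to :: accepts IPv4 connections from every interface as well.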

Related checks: Excessive Agency · Browser & Cookie Security · All Checks
