DeepSeek Exposed Database Leaks Sensitive Data

DeepSeek, a new AI chatbot provider from China, is under scrutiny after cybersecurity experts discovered a vulnerability in its AI database infrastructure.

Researchers at cloud security firm Wiz found an exposed database leaking sensitive data, including chat histories, API keys, and backend details.

After being notified by the Wiz Research team, DeepSeek promptly secured the issue.

DeepSeek Sensitive Input Information Exposed

The exposed database was a ClickHouse instance. ClickHouse is a column-oriented database management system built for large-scale OLAP workloads.

As DeepSeek launched its R1 reasoning LLM, Wiz analyzed its security posture and found a publicly accessible, unauthenticated ClickHouse database at oauth2callback.deepseek.com:9000 and dev.deepseek.com:9000, endpoints that should have been internal.

Using ClickHouse’s HTTP interface, Wiz accessed the /play path, allowing execution of arbitrary SQL queries. A simple SHOW TABLES; command revealed datasets containing chat histories, backend data, API keys, and operational details.

The exposure allowed full control over the database and potential privilege escalation within DeepSeek’s environment—without authentication or defense mechanisms.

Attackers could retrieve sensitive logs, plaintext chat messages, and potentially even passwords or proprietary files using queries like SELECT * FROM file('filename'), depending on ClickHouse’s configuration.

Wiz researchers avoided intrusive queries, limiting their actions to enumeration.
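
For operators running their own ClickHouse, the two conditions described above (a listener reachable from anywhere and a user with no credentials) can be checked in configuration before deployment. The following is an added example, not code from Wiz, DeepSeek, or the original article. It assumes the server and user settings have been merged into one XML document, both sample configs are constructed for illustration, and it checks only password-based authentication.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample configs (not DeepSeek's actual settings): weak vs. hardened.
WEAK = """<clickhouse>
  <listen_host>0.0.0.0</listen_host>
  <users><default>
    <password></password>
    <networks><ip>::/0</ip></networks>
  </default></users>
</clickhouse>"""

HARDENED = """<clickhouse>
  <listen_host>127.0.0.1</listen_host>
  <users><default>
    <password_sha256_hex>PLACEHOLDER_SHA256_HEX</password_sha256_hex>
    <networks><ip>10.0.0.0/8</ip></networks>
  </default></users>
</clickhouse>"""

# Password-style credential elements; LDAP, Kerberos and certificate auth are not checked here.
AUTH_TAGS = ("password", "password_sha256_hex", "password_double_sha1_hex")
WILDCARD_LISTEN = {"0.0.0.0", "::"}

def audit(xml_text):
    """Return findings for an unauthenticated or world-reachable ClickHouse config."""
    root = ET.fromstring(xml_text)
    findings = []
    for host in root.findall("listen_host"):
        addr = (host.text or "").strip()
        if addr in WILDCARD_LISTEN:
            findings.append(f"listen_host {addr} binds all interfaces")
    for user in root.findall("users/*"):
        has_secret = any((user.findtext(t) or "").strip() for t in AUTH_TAGS)
        if not has_secret:
            findings.append(f"user '{user.tag}' has no password set")
        for ip in user.findall("networks/ip"):
            net = ipaddress.ip_network((ip.text or "").strip(), strict=False)
            if net.prefixlen == 0:  # 0.0.0.0/0 or ::/0 allows any client address
                findings.append(f"user '{user.tag}' accepts any source address ({net})")
    return findings

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(cfg))
```
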

For Further Reference

https://www.infosecurity-magazine.com/news/deepseek-database-leaks-sensitive/
