DeepSeek Data Breach: Unrestricted Database Access

Security researchers from Wiz Research discovered a publicly accessible database containing data used by the AI services of the company DeepSeek. Because access to the log storage was not properly restricted, anyone could obtain confidential information about the operation of DeepSeek services. The database held more than a million records, including logs with the history of users' messages in the DeepSeek AI chat, API access keys, detailed information about the operation of backends, and metadata used by various systems.

While examining publicly accessible deepseek.com subdomains, the researchers noticed hosth2callback.deepseek.com and dev.deepseek.com, where network ports 9000 and 8123 exposed a storage service based on the ClickHouse DBMS. Port 9000 was used for application connections, and port 8123 provided a web interface that made it possible to send any SQL query.


The configured DBMS settings gave full control over database operations, with no authentication required. According to the researchers, the available access was sufficient to mount an attack that was not limited to the DBMS and would allow privileged access to the DeepSeek infrastructure.
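A configuration-side check for the condition described above, as an added example that is not from the Wiz report or from DeepSeek: it scans a ClickHouse `users.xml` for accounts that have no credential and accept connections from any address. The sample configuration is constructed, and treating a missing `<networks>` element as unrestricted is an assumption of this sketch.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Credential elements a ClickHouse <users> entry may carry.
SECRETS = ("password", "password_sha256_hex", "password_double_sha1_hex")
EXTERNAL = ("ldap", "kerberos", "ssl_certificates")

def has_credential(user):
    """True if the user entry requires some form of authentication."""
    if user.find("no_password") is not None:
        return False
    if any(user.find(tag) is not None for tag in EXTERNAL):
        return True
    # An empty <password></password> means login with no password.
    return any((user.findtext(tag) or "").strip() for tag in SECRETS)

def open_to_any_address(user):
    """True if <networks> admits every source address (or is absent)."""
    networks = user.find("networks")
    if networks is None:
        return True  # assumption of this sketch: nothing listed, nothing restricted
    for ip in networks.findall("ip"):
        try:
            net = ipaddress.ip_network((ip.text or "").strip(), strict=False)
        except ValueError:
            continue  # malformed entry, skipped here
        if net.prefixlen == 0:  # 0.0.0.0/0 or ::/0
            return True
    return False

def audit_users(xml_text):
    """Return names of users reachable from anywhere with no credential."""
    users = ET.fromstring(xml_text).find("users")
    return [u.tag for u in (users if users is not None else [])
            if not has_credential(u) and open_to_any_address(u)]

# Constructed sample configuration, not DeepSeek's actual settings.
SAMPLE = """<clickhouse><users>
  <default><password></password><networks><ip>::/0</ip></networks></default>
  <ingest><password_sha256_hex>PLACEHOLDER_HASH</password_sha256_hex>
    <networks><ip>::/0</ip></networks></ingest>
  <local_ro><password></password>
    <networks><ip>127.0.0.1</ip><ip>::1</ip></networks></local_ro>
</users></clickhouse>"""

if __name__ == "__main__":
    print(audit_users(SAMPLE))
```

Any name it returns is an account that, once ports 8123 or 9000 are reachable from outside, can run SQL with no login; the fix is to set a credential and narrow `<networks>` to the addresses that need access.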

Recall that last week DeepSeek published the language models DeepSeek-R1 and DeepSeek-R1-Zero, covering 671 billion parameters, under the free MIT license. DeepSeek-R1 is considered the largest and highest-quality openly published model for solving problems that require logical inference. In 12 tests the model outperformed the proprietary models Claude-3.5-Sonnet, OpenAI GPT-4o and OpenAI o1, and in 9 tests it showed comparable results.

DeepSeek-R1 is an improved version of the language model DeepSeek-V3, published in December 2024 under the MIT license. The DeepSeek-V3 model, like DeepSeek-R1, covers 671 billion parameters, handles a context of 128 thousand tokens, and is close to or ahead of Claude-3.5-Sonnet and GPT-4o. DeepSeek-V3 and DeepSeek-R1 can be run on one's own hardware using typical open frameworks for running language models, such as vLLM
