While digging into a known Ray Dashboard vulnerability, I discovered something alarming—over 184,000 Ray dashboards are publicly accessible without any login or access control. These dashboards allow anyone to remotely run code, steal secrets, or hijack AI infrastructure.
I detail the exposure, how attackers could abuse it, and what teams can do to secure their setups. This goes far beyond misconfiguration—it’s a systemic oversight in how AI infra is deployed.
Would love to hear your thoughts or see if others have found similar cases.
0 comments