NIS shutdown

Hi.
Today I discovered that a request to the URL _http://127.0.0.1:7890/shutdown causes my NIS to stop without warning. Moreover, a similar request stops the remote NIS on the specified IP address. Thus, anyone can remotely shut down any public NIS server in the NEM network.
Is this a bug or a feature?

I just noticed my NIS shut down suddenly. Came here to check.

this is severe.

seems like almost most nodes are now shut down already
see nodeexplorer: http://nodeexplorer.com/

devs?

lol some attacker/script shut(s) the entire network down, this is what I got in my logs:

INFO NEM Infrastructure Server 0.6.25-BETA shutdown… (org.nem.core.deploy.CommonStarter main)

I didn't initiate this. /shutdown did.

lol nice bug  :slight_smile:

dumb bug  :-[

We've used @ClientApi instead of @TrustedApi on /shutdown

Preparing security fix right now.
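
The annotation mix-up described above, as an added example that is not part of the thread and not NIS source code. Only the names @ClientApi, @TrustedApi and /shutdown come from the thread; the Route annotation, the gate, the SENSITIVE list and the assumption that @TrustedApi means "loopback callers only" are hypothetical stand-ins. It shows the handler before and after the fix, plus a build-time check that flags a state-changing route not marked @TrustedApi.

```java
import java.lang.annotation.*;
import java.lang.reflect.Method;
import java.net.InetAddress;
import java.util.*;

public class TrustGate {
    // Stand-in annotations; only the two Api names appear in the thread.
    @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.METHOD) @interface TrustedApi {}
    @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.METHOD) @interface ClientApi {}
    @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.METHOD) @interface Route { String value(); }

    // Constructed controllers: the handler as described before and after the fix.
    static class Before { @Route("/shutdown") @ClientApi  public void shutdown() {} }
    static class After  { @Route("/shutdown") @TrustedApi public void shutdown() {} }

    // Assumed gate: a @TrustedApi handler is served only to loopback callers,
    // anything else is reachable by any remote address.
    static boolean allowed(Method handler, InetAddress remote) {
        return !handler.isAnnotationPresent(TrustedApi.class) || remote.isLoopbackAddress();
    }

    // Routes that change node state and therefore must never be client-reachable.
    static final Set<String> SENSITIVE = Set.of("/shutdown");

    // Build-time check: list sensitive routes that are missing @TrustedApi.
    static List<String> misannotated(Class<?> controller) {
        List<String> bad = new ArrayList<>();
        for (Method m : controller.getDeclaredMethods()) {
            Route r = m.getAnnotation(Route.class);
            if (r != null && SENSITIVE.contains(r.value())
                    && !m.isAnnotationPresent(TrustedApi.class)) {
                bad.add(r.value());
            }
        }
        return bad;
    }

    public static void main(String[] args) throws Exception {
        // 203.0.113.7 is a documentation address (TEST-NET-3), constructed for the example.
        InetAddress remote = InetAddress.getByAddress(new byte[]{(byte) 203, 0, 113, 7});
        InetAddress local = InetAddress.getByAddress(new byte[]{127, 0, 0, 1});
        for (Class<?> c : List.of(Before.class, After.class)) {
            Method m = c.getDeclaredMethod("shutdown");
            System.out.printf("%s: remote=%b local=%b misannotated=%s%n",
                    c.getSimpleName(), allowed(m, remote), allowed(m, local), misannotated(c));
        }
    }
}
```

Running `misannotated` over every controller class in a unit test turns this kind of one-word annotation slip into a failed build rather than a network-wide outage.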

http://bob.nem.ninja/nis-ncc-0.6.26.zip. New fix released. Thanks Gimre.

thx for quick reaction gimre :wink:

https://forum.ournem.com/technical-discussion/nem-beta-0-6-26-security-update/