APIs do not ship with the defaults you want. They ship with the defaults that make the tutorial work. CORS wide open so the hello-world demo runs. An internal admin handler exposed on the same router as the public one. A default credential on a management dashboard nobody remembered to turn off. None of this is code. It is settings.
Security misconfiguration is when the bug is not in your code but in your settings. CORS wildcards, exposed admin routes, default credentials, debug endpoints in production, management dashboards on public ports. The code compiles. The app works. The settings are wrong.
What your AI actually built
You asked for an API with authentication and a dashboard. The model gave you the API, the dashboard, and — without mentioning it — a CORS handler set to Access-Control-Allow-Origin: * with credentials enabled, because that is what the getting-started guides do.
It also wired up a few internal endpoints next to the public ones: /api/admin/users for the dashboard, /api/internal/queue for the worker, /api/debug/env for the build you did at 2am. None of them have auth, because the model assumed they would only ever be called 'from inside.' They are on the same public router.
And somewhere in your compose file there is a management service — pgAdmin, Redis Commander, a queue dashboard — that the model added because you said 'I want to see the data.' It is bound to 0.0.0.0 with the default credentials baked into the image.
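An added example, not code from the original post, that puts each generated default beside its corrected form as plain functions so it runs without a framework. The allowlisted origin `https://app.example.com` and the `/api/admin`, `/api/internal` and `/api/debug` prefixes are assumptions based on the routes named above; one caveat the comments carry is that browsers refuse a literal `*` origin together with credentials, so the form of that setting that actually works (and is dangerous) is reflecting the request Origin.

```javascript
// Added example, not code from the original post. Three checks, one per setting
// described above, written as plain functions so they run without a framework.

// 1. The tutorial CORS handler. Browsers refuse a literal "*" when credentials
//    are enabled, so permissive setups (e.g. a library's origin:true) reflect
//    the request Origin instead: any site can then make credentialed calls.
function corsHeadersReflecting(requestOrigin) {
  return {
    'Access-Control-Allow-Origin': requestOrigin || '*',
    'Access-Control-Allow-Credentials': 'true',
  };
}

// Hardened form: explicit allowlist (assumed value), credentials only for a
// listed origin, Vary: Origin so caches do not mix responses across origins.
const ALLOWED_ORIGINS = new Set(['https://app.example.com']);
function corsHeadersAllowlist(requestOrigin) {
  if (!ALLOWED_ORIGINS.has(requestOrigin)) return { Vary: 'Origin' };
  return {
    'Access-Control-Allow-Origin': requestOrigin,
    'Access-Control-Allow-Credentials': 'true',
    Vary: 'Origin',
  };
}

// 2. Route policy for the "internal" handlers that ended up on the public
//    router: admin, internal and debug paths need an admin session, and debug
//    routes are not mounted at all outside development (assumed prefixes).
function routeDecision(path, session, env) {
  const privileged = /^\/api\/(admin|internal|debug)(\/|$)/.test(path);
  if (!privileged) return 'allow';
  if (path.startsWith('/api/debug') && env === 'production') return 'deny:not-found';
  if (!session || session.role !== 'admin') return 'deny:unauthorized';
  return 'allow';
}

// 3. Compose port mapping check: "5050:80" and "0.0.0.0:5050:80" publish the
//    management dashboard on every interface; "127.0.0.1:5050:80" does not.
function publishedOnAllInterfaces(portMapping) {
  const parts = portMapping.split(':');
  return parts.length < 3 || parts[0] === '0.0.0.0' || parts[0] === '';
}

console.log(corsHeadersReflecting('https://other.example'));   // origin reflected
console.log(corsHeadersAllowlist('https://other.example'));    // { Vary: 'Origin' }
console.log(routeDecision('/api/debug/env', { role: 'admin' }, 'production')); // deny:not-found
console.log(publishedOnAllInterfaces('5050:80'));              // true
```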
How it gets exploited
The attacker fingerprints the app, scrapes the Next.js build manifest, and lists every route the client knows about.