Description
@akoskm/create-mcp-server-stdio is an MCP server starter kit that uses the StdioServerTransport. Prior to version 0.0.13, the MCP Server is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. The MCP Server exposes the tool `which-app-on-port` which relies on Node.js child process API `exec` which is an unsafe and vulnerable API if concatenated with untrusted user input. Version 0.0.13 contains a fix for the issue.
EPSS Score:
0%
Comprehensive Technical Analysis of EUVD-2025-27167
1. Vulnerability Assessment and Severity Evaluation
The vulnerability described in EUVD-2025-27167 pertains to a command injection flaw in the @akoskm/create-mcp-server-stdio MCP server starter kit. This vulnerability arises from the unsafe use of the Node.js exec function within the which-app-on-port tool, which can be exploited if concatenated with untrusted user input. The severity of this vulnerability is rated with a CVSS Base Score of 9.3, indicating a critical risk.
CVSS Vector Breakdown:
- AV:N (Network Vector): The vulnerability can be exploited remotely over the network.
- AC:L (Low Complexity): The attack requires low skill or resources to exploit.
- AT:N (No Authentication): No authentication is required to exploit the vulnerability.
- PR:N (No Privileges Required): The attacker does not need any special privileges.
- UI:N (No User Interaction): No user interaction is required for the attack to succeed.
- VC:H (High Confidentiality Impact): The vulnerability can lead to a significant breach of confidentiality.
- VI:H (High Integrity Impact): The vulnerability can lead to a significant breach of integrity.
- VA:H (High Availability Impact): The vulnerability can lead to a significant breach of availability.
- SC:N (Scope Change): The vulnerability does not change the security scope.
- SI:N (Scope Integrity): The vulnerability does not affect the integrity of the security scope.
- SA:N (Scope Availability): The vulnerability does not affect the availability of the security scope.
2. Potential Attack Vectors and Exploitation Methods
The primary attack vector is command injection, where an attacker can inject malicious commands into the input processed by the which-app-on-port tool. This can be achieved by:
- Crafting specially designed input that includes malicious commands.
- Exploiting the
execfunction's vulnerability to execute arbitrary commands on the server.
Exploitation Methods:
- An attacker could send a request to the MCP server with a payload that includes commands to execute system-level operations, such as downloading and executing malware, exfiltrating data, or modifying system configurations.
- The attacker could also chain multiple commands to escalate privileges or gain persistent access to the system.
3. Affected Systems and Software Versions
The vulnerability affects all versions of the @akoskm/create-mcp-server-stdio MCP server starter kit prior to version 0.0.13. Systems running these versions are at risk of command injection attacks.
Affected Versions:
@akoskm/create-mcp-server-stdio< 0.0.13
4. Recommended Mitigation Strategies
Immediate Mitigation:
- Upgrade to version 0.0.13 or later, which contains the fix for the command injection vulnerability.
- Implement input validation and sanitization to prevent the execution of untrusted commands.
Long-Term Mitigation:
- Conduct a thorough code review to identify and remediate similar vulnerabilities.
- Implement secure coding practices, especially when dealing with user input and system commands.
- Regularly update and patch all software components to ensure they are protected against known vulnerabilities.
5. Impact on European Cybersecurity Landscape
The vulnerability poses a significant risk to organizations and individuals using the affected MCP server starter kit. Given the critical nature of the vulnerability, it could be exploited to compromise sensitive data, disrupt services, and potentially lead to further attacks within the European cybersecurity landscape. The high CVSS score underscores the urgency for immediate remediation to prevent widespread exploitation.
6. Technical Details for Security Professionals
Vulnerable Code Snippet:
const { exec } = require('child_process');
function whichAppOnPort(port) {
exec(`lsof -i :${port}`, (error, stdout, stderr) => {
if (error) {
console.error(`exec error: ${error}`);
return;
}
console.log(`stdout: ${stdout}`);
console.error(`stderr: ${stderr}`);
});
}
Fixed Code Snippet:
const { exec } = require('child_process');
function whichAppOnPort(port) {
const sanitizedPort = port.replace(/[^0-9]/g, ''); // Ensure port is a number
exec(`lsof -i :${sanitizedPort}`, (error, stdout, stderr) => {
if (error) {
console.error(`exec error: ${error}`);
return;
}
console.log(`stdout: ${stdout}`);
console.error(`stderr: ${stderr}`);
});
}
Key Points:
- The vulnerability arises from the unsafe use of the
execfunction with untrusted user input. - The fix involves sanitizing the input to ensure it only contains valid characters (in this case, numeric characters for the port).
- Security professionals should review all instances of
execand similar functions to ensure they are used securely.
References:
By addressing this vulnerability promptly and thoroughly, organizations can significantly reduce the risk of command injection attacks and enhance their overall cybersecurity posture.