| Titel | Deepractice PromptX 2.4.0 Improper Authorization |
|---|
| Beschreibung | An arbitrary local file read vulnerability (CWE-862) has been identified in @promptx/mcp-office of PromptX, specifically within packages/mcp-office/src/index.ts. Multiple MCP tools—including read_docx, read_xlsx, read_pptx, list_xlsx_sheets, and read_pdf—accept a user-supplied path argument and use it directly in filesystem operations such as fs.readFileSync and AdmZip without workspace-boundary enforcement or allowlisting. An attacker with access to the mcp-office server can read arbitrary Office or PDF files from any location on the local filesystem by providing an absolute path outside the intended workspace. Version 2.4.0 is confirmed affected, and no fixed version is available at the time of reporting.
|
|---|
| Quelle | ⚠️ https://github.com/Deepractice/PromptX/issues/571 |
|---|
| Benutzer | BruceJin (UID 96538) |
|---|
| Einreichung | 10.04.2026 16:00 (vor 2 Monaten) |
|---|
| Moderieren | 27.04.2026 17:24 (17 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 359817 [Deepractice PromptX bis 2.4.0 Document File index.ts path Information Disclosure] |
|---|
| Punkte | 20 |
|---|