| タイトル | ravenwits mcp-server-arangodb 0.4.7 Path Traversal |
|---|
| 説明 | An arbitrary file write vulnerability (CWE-73) has been identified in mcp-server-arangodb version 0.4.7 (commit 3964a1f), specifically within the arango_backup MCP tool. The tool accepts a user‑supplied outputDir argument, resolves it with path.resolve, creates the directory, and writes JSON backup files there without constraining the destination to a safe backup root or validating path traversal. An attacker with network access to the MCP interface can write database backup files to arbitrary writable filesystem locations, leading to integrity loss and potential service disruption. No fixed version is available at the time of reporting. |
|---|
| ソース | ⚠️ https://github.com/ravenwits/mcp-server-arangodb/issues/7 |
|---|
| ユーザー | BruceJqs (UID 97404) |
|---|
| 送信 | 2026年04月17日 10:05 (2 月 ago) |
|---|
| モデレーション | 2026年05月03日 10:01 (16 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 360891 [ravenwits mcp-server-arangodb 迄 0.4.7 MCP Interface src/tools.ts arango_backup outputDir ディレクトリトラバーサル] |
|---|
| ポイント | 20 |
|---|