| 제목 | puchunjie @puchunjie/doc-tools-mcp 1.0.18, Commit c96df45a16710a3eec41a7a94c32b81468db28ea Path Traversal |
|---|
| 설명 | An arbitrary file read and write vulnerability (CWE-73) has been identified in @puchunjie/doc-tools-mcp version 1.0.18, specifically within the create_document and open_document MCP tools. The tools accept a user‑supplied filePath argument and pass it directly to fs.writeFile or fs.readFile without constraining the path to a safe document directory, rejecting absolute paths, or validating traversal sequences. An attacker with network access to the MCP interface can write or read arbitrary Word documents (.docx files) at any filesystem location accessible to the server process, leading to data exposure, integrity loss, and potential service disruption. No fixed version is available at the time of reporting. |
|---|
| 원천 | ⚠️ https://github.com/puchunjie/doc-tools-mcp/issues/4 |
|---|
| 사용자 | BruceJqs (UID 97404) |
|---|
| 제출 | 2026. 04. 18. PM 01:42 (2 개월 ago) |
|---|
| 모더레이션 | 2026. 05. 03. PM 06:19 (15 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 360913 [puchunjie doc-tools-mcp 1.0.18 MCP Interface src/mcp-server.ts create_document/open_document filePath 디렉토리 순회] |
|---|
| 포인트들 | 20 |
|---|