| 제목 | mastergo-design mastergo-magic-mcp 0.2.0 Information Disclosure |
|---|
| 설명 | A vulnerability was found in mastergo-design/mastergo-magic-mcp 0.1.7-beta.0. The issue affects the MCP tool mcp__C2d and the parameter filePath.
The mcp__C2d tool accepts a caller-controlled filePath argument and reads the referenced file with fs.readFileSync(filePath, "utf-8") without enforcing a trusted workspace, project root, extension allow-list, or canonical path containment. The file body is then sent to MasterGo's backend /postC2d endpoint as the design-source payload.
An MCP client that can invoke this tool may cause the MCP server process to read arbitrary local files accessible to the server user, such as local configuration files, source files, plaintext secrets, SSH keys, cloud credentials, or other process-readable files. The file body leaves the host through an HTTPS request to MasterGo's backend.
Affected package: @mastergo/magic-mcp
Affected tool: mcp__C2d
Affected parameter: filePath
Affected file: src/tools/get-c2d.ts
CWE: CWE-22 / CWE-200 / CWE-20
CVSS v3.1: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Suggested severity: Medium
Suggested remediation: resolve filePath with realpath and require it to remain inside an operator-approved workspace or explicitly selected project directory before reading. Reject absolute paths, traversal attempts, and symlink escapes outside the trusted root. Consider an extension allow-list and explicit user confirmation for off-host upload. |
|---|
| 원천 | ⚠️ https://github.com/mastergo-design/mastergo-magic-mcp/issues/88 |
|---|
| 사용자 | Mcfly_Zhang (UID 98877) |
|---|
| 제출 | 2026. 06. 12. AM 04:15 (1 월 ago) |
|---|
| 모더레이션 | 2026. 07. 14. PM 05:39 (1 month later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 378328 [mastergo-design mastergo-magic-mcp 까지 0.2.0 mcp__C2d src/tools/get-c2d.ts execute filePath 디렉토리 순회] |
|---|
| 포인트들 | 20 |
|---|