| Field | Value |
|---|---|
| Title | TencentCloudBase CloudBase-MCP 2.16.1 Server-Side Request Forgery |
| Description | A server-side request forgery (SSRF) vulnerability (CWE-918) has been identified in the interactive server component of CloudBase MCP, specifically within mcp/src/interactive-server.ts. The HTTP endpoint POST /api/open-url accepts an attacker-controlled url value from the request body and passes it directly to openUrl() and subsequently to open() without validation or allowlisting. The server listens on x.x.x.x by default, making the endpoint reachable beyond loopback in many deployments. An attacker with network access to this endpoint can coerce the affected host into opening arbitrary URLs, enabling outbound requests to attacker-controlled or internal destinations. Version 2.16.1 is confirmed affected, and no fixed version is available at the time of reporting. |
| Source | https://github.com/TencentCloudBase/CloudBase-MCP/issues/509 |
| User | BruceJin (UID 96538) |
| Submission | 10/04/2026 18:01 (2 months ago) |
| Moderation | 27/04/2026 17:35 (17 days later) |
| Status | Accepted |
| VulDB Entry | 359821 [TencentCloudBase CloudBase-MCP up to 2.17.0 open-url API Endpoint interactive-server.ts openUrl req.body.url Privilege Escalation] |
| Points | 20 |