| tiêu đề | ravenwits mcp-server-arangodb 0.4.7 Path Traversal |
|---|
| Mô tả | An arbitrary file write vulnerability (CWE-73) has been identified in mcp-server-arangodb version 0.4.7 (commit 3964a1f), specifically within the arango_backup MCP tool. The tool accepts a user‑supplied outputDir argument, resolves it with path.resolve, creates the directory, and writes JSON backup files there without constraining the destination to a safe backup root or validating path traversal. An attacker with network access to the MCP interface can write database backup files to arbitrary writable filesystem locations, leading to integrity loss and potential service disruption. No fixed version is available at the time of reporting. |
|---|
| Nguồn | ⚠️ https://github.com/ravenwits/mcp-server-arangodb/issues/7 |
|---|
| Người dùng | BruceJqs (UID 97404) |
|---|
| Đệ trình | 17/04/2026 10:05 (cách đây 2 các tháng) |
|---|
| Kiểm duyệt | 03/05/2026 10:01 (16 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 360891 [ravenwits mcp-server-arangodb đến 0.4.7 MCP Interface src/tools.ts arango_backup outputDir duyệt thư mục] |
|---|
| điểm | 20 |
|---|