| 标题 | Deepractice PromptX 2.4.0 Improper Authorization |
|---|
| 描述 | An arbitrary local file read vulnerability (CWE-862) has been identified in @promptx/mcp-office of PromptX, specifically within packages/mcp-office/src/index.ts. Multiple MCP tools—including read_docx, read_xlsx, read_pptx, list_xlsx_sheets, and read_pdf—accept a user-supplied path argument and use it directly in filesystem operations such as fs.readFileSync and AdmZip without workspace-boundary enforcement or allowlisting. An attacker with access to the mcp-office server can read arbitrary Office or PDF files from any location on the local filesystem by providing an absolute path outside the intended workspace. Version 2.4.0 is confirmed affected, and no fixed version is available at the time of reporting.
|
|---|
| 来源 | ⚠️ https://github.com/Deepractice/PromptX/issues/571 |
|---|
| 用户 | BruceJin (UID 96538) |
|---|
| 提交 | 2026-04-10 16時00分 (2 月前) |
|---|
| 管理 | 2026-04-27 17時24分 (17 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 359817 [Deepractice PromptX 直到 2.4.0 Document File index.ts path 信息公开] |
|---|
| 积分 | 20 |
|---|