| 标题 | TencentCloudBase CloudBase-MCP 2.16.1 Server-Side Request Forgery |
|---|
| 描述 | A server-side request forgery (SSRF) vulnerability (CWE-918) has been identified in the interactive server component of CloudBase MCP, specifically within mcp/src/interactive-server.ts. The HTTP endpoint POST /api/open-url accepts an attacker-controlled url value from the request body and passes it directly to openUrl() and subsequently to open() without validation or allowlisting. The server listens on x.x.x.x by default, making the endpoint reachable beyond loopback in many deployments. An attacker with network access to this endpoint can coerce the affected host into opening arbitrary URLs, enabling outbound requests to attacker‑controlled or internal destinations. Version 2.16.1 is confirmed affected, and no fixed version is available at the time of reporting. |
|---|
| 来源 | ⚠️ https://github.com/TencentCloudBase/CloudBase-MCP/issues/509 |
|---|
| 用户 | BruceJin (UID 96538) |
|---|
| 提交 | 2026-04-10 18時01分 (2 月前) |
|---|
| 管理 | 2026-04-27 17時35分 (17 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 359821 [TencentCloudBase CloudBase-MCP 直到 2.17.0 open-url API Endpoint interactive-server.ts openUrl req.body.url 权限提升] |
|---|
| 积分 | 20 |
|---|