@akoskm Create MCP Server Stdio Command Injection Vulnerability

A command injection vulnerability has been identified in the '@akoskm/create-mcp-server-stdio' package, specifically in versions prior to 0.0.13. The vulnerability arises within the MCP server tool 'which-app-on-port', which improperly uses the Node.js child process API 'exec'. This API is susceptible to command injection when combined with untrusted user input. Exploitation allows for remote command execution on the server where the MCP server is running.

Impact

Exploitation of this vulnerability allows for user-initiated and remote command injection on a running MCP server, potentially leading to unauthorized command execution on the host system.

Reproduction

To reproduce this vulnerability, use a version of the '@akoskm/create-mcp-server-stdio' package that is prior to 0.0.13. Start the MCP server and invoke the 'which-app-on-port' tool, providing input that includes special shell characters, such as those used in prompt injection attacks. The server will execute the injected commands on the host system, demonstrating the command injection vulnerability.

Remediation

Users are advised to update to version 0.0.13 or later, where this vulnerability has been patched. The update is available on the npm registry.