SafeDep Vet DNS Rebinding Vulnerability in MCP Server SSE Transport

Vulnerability

A DNS rebinding vulnerability has been identified in SafeDep Vet versions prior to 1.12.5. This issue arises from inadequate validation of the HTTP Host and Origin headers, allowing remote attackers to access the Vet MCP server running on localhost via a manipulated website. Exploitation requires the victim to have an active Vet scan report in the SQLite database, and the attack can be executed through the SQLite query MCP tool, potentially exposing sensitive scan data.

Impact

Exploitation of this vulnerability could lead to unauthorized access to data in the Vet scan SQLite database, allowing attackers to retrieve sensitive information from the reports.

Reproduction

To reproduce this vulnerability, first, conduct a scan using SafeDep Vet and save the report in the SQLite database. Then, start a Vet MCP server in SSE mode on the default port. With the server running, an attacker can lure a victim to a malicious website that exploits DNS rebinding, accessing the Vet SSE server on localhost and using the SQLite query MCP tool to read the database.

Remediation

Users can update to SafeDep Vet version 1.12.5, which addresses the vulnerability by validating the Host and Origin headers against an allow list. Alternatively, the issue can be mitigated by using the 'stdio' transport for the MCP server instead of 'SSE'.
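As an added illustration of the kind of check the fix describes (this is example middleware, not Vet's own code), the handler below refuses any request whose Host or Origin header does not name the loopback listener; a DNS-rebound request still carries the attacker's domain in those headers, so it never reaches the SSE or SQLite query tool endpoints. The allow list contents and function names are assumptions for this example.

```go
package main

import (
	"net"
	"net/http"
	"net/url"
	"strings"
)

// Hosts a browser may legitimately use to reach the loopback listener (assumed list).
var localAllowList = map[string]bool{"localhost": true, "127.0.0.1": true, "::1": true}

// hostAllowed compares only the host part of a Host header (port stripped,
// IPv6 brackets removed) against the allow list; a port mismatch alone is not
// grounds for rejection, but any foreign domain is.
func hostAllowed(hostHeader string, allowed map[string]bool) bool {
	host := strings.ToLower(strings.TrimSpace(hostHeader))
	if h, _, err := net.SplitHostPort(host); err == nil {
		host = h
	}
	return allowed[strings.Trim(host, "[]")]
}

// originAllowed accepts a missing Origin (non-browser MCP clients send none)
// and otherwise requires the Origin's host to be on the allow list.
func originAllowed(origin string, allowed map[string]bool) bool {
	if origin == "" {
		return true
	}
	u, err := url.Parse(origin)
	if err != nil || u.Host == "" { // also rejects the literal "null" origin
		return false
	}
	return hostAllowed(u.Host, allowed)
}

// requireLocalHost wraps the SSE/MCP handler and rejects requests whose Host
// or Origin is not on the allow list before they reach any tool endpoint.
func requireLocalHost(allowed map[string]bool, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !hostAllowed(r.Host, allowed) || !originAllowed(r.Header.Get("Origin"), allowed) {
			http.Error(w, "forbidden: Host/Origin not allowed", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}
```

Binding the listener to 127.0.0.1 is still worthwhile, but it does not stop rebinding on its own because the browser's request does arrive at the loopback address; the header check is what distinguishes a rebound request from a legitimate local client.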

Added: Sep 29, 2025, 10:19 PM
Updated: Sep 29, 2025, 10:19 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 7.0
remediation: 0.0
relevance: 0.6
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.