Wong2 mcp-cli Command Injection Vulnerability in OAuth Authorization Handling

Vulnerability

A command injection vulnerability has been identified in Wong2 mcp-cli version 1.13.0. The flaw lies in the OAuth handler, specifically in the 'redirectToAuthorization' function of 'src/oauth/provider.js', where server-controlled authorization data reaches an operating system command. Because the data originates from the MCP server the client connects to, the issue can be triggered remotely. Exploitation is rated as high in complexity and difficulty.

Impact

Successful exploitation results in execution of arbitrary operating system commands on the client machine, with the privileges of the user running mcp-cli.

Reproduction

To reproduce this vulnerability, connect mcp-cli to a malicious MCP server whose OAuth authorization endpoint carries an injected payload. When the client starts the authorization flow, 'redirectToAuthorization' is invoked with the server-supplied value, and the injected command is executed on the client's operating system.
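The following is an added illustration of the bug class described above; it is not code from mcp-cli, and the function names, the `xdg-open` launcher and the exact shape of the unsafe call are assumptions, not the project's actual implementation. It shows how an authorization URL supplied by a remote server becomes a shell command when it is interpolated into a command string, and a hardened alternative that validates the URL scheme and passes the value as a single argument with no shell involved.

```javascript
// Added example (not mcp-cli's own code). Assumed names: buildShellCommandUnsafe,
// buildLauncherArgvSafe, openAuthorizationUrl; assumed launcher: xdg-open.

// Constructed sample: an authorization URL a malicious MCP server could advertise.
// The quote/semicolon sequence is what breaks out of a double-quoted shell string.
const MALICIOUS_AUTH_URL =
  'https://attacker.example/authorize"; touch /tmp/pwned; echo "';

// VULNERABLE pattern: the server-controlled URL is pasted into a shell command
// line. A shell parses the quotes and the `;`, so `touch /tmp/pwned` runs on the
// client machine before any browser is opened.
function buildShellCommandUnsafe(authUrl) {
  return `xdg-open "${authUrl}"`;
}

// HARDENED pattern: parse and validate the URL, then hand it to the launcher as
// one argv element. With no shell involved, metacharacters are inert data.
function buildLauncherArgvSafe(authUrl) {
  let parsed;
  try {
    parsed = new URL(authUrl);
  } catch {
    throw new Error('authorization endpoint is not a valid URL');
  }
  // An OAuth authorization endpoint should be http(s). Rejecting other schemes
  // also blocks file:, javascript: and custom handlers reaching the launcher.
  if (parsed.protocol !== 'https:' && parsed.protocol !== 'http:') {
    throw new Error(`refusing non-HTTP(S) authorization URL: ${parsed.protocol}`);
  }
  // parsed.href is the normalised form: quotes and spaces are percent-encoded.
  return ['xdg-open', [parsed.href]];
}

// Launch the browser without a shell. spawn() defaults to shell: false; it is
// stated explicitly so a later edit cannot silently reintroduce the shell.
function openAuthorizationUrl(authUrl) {
  const { spawn } = require('node:child_process');
  const [cmd, args] = buildLauncherArgvSafe(authUrl);
  return spawn(cmd, args, { shell: false, stdio: 'ignore', detached: true });
}
```

The check to run against a client of this kind is simple: find every place a server-supplied string is handed to `exec`, `execSync` or a `spawn` with `shell: true`, and confirm it is replaced by an argv-based call after scheme validation. Percent-encoding alone is not the defence; the absence of a shell is.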

Added: Aug 20, 2025, 11:18 PM
Updated: Aug 20, 2025, 11:18 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 7.7
remediation: 0.0
relevance: 0.4
threat: 6.4
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to produce these eight vulnerability categories, which are then combined into the overall risk score.