AhujaSid Blender MCP Hunyuan3D Integration Arbitrary File Read Vulnerability

Vulnerability

An arbitrary file read vulnerability has been identified in the AhujaSid Blender MCP integration, specifically within the Hunyuan3D model generation feature. The vulnerability arises from the MCP server's handling of the 'input_image_url' parameter, which is passed to the Blender addon without validation. Because the value is never checked to be a remote URL, an attacker can supply a local file path to read sensitive files, such as '/etc/passwd', and have their contents sent to an external API endpoint. The issue has been publicly disclosed and is present in versions of the Blender MCP addon prior to the latest commit, which introduced the necessary validation.

Impact

Successful exploitation allows for arbitrary file read access, enabling an attacker to read any file accessible by the Blender process and exfiltrate its contents to an external server.

Reproduction

To reproduce this vulnerability, install the affected version of the Blender MCP addon and start the MCP server in Blender. Then call the 'generate_hunyuan3d_model' tool, providing a local file path as the 'input_image_url' parameter. The MCP server reads the specified file without validation and, if it contains readable data, sends the contents to the configured API endpoint.

Remediation

Users can update to the latest version of the AhujaSid Blender MCP addon, which includes the necessary validation to prevent arbitrary file reads. Instructions for updating the addon are available in the project's README file.

Added: Jun 2, 2026, 10:20 PM
Updated: Jun 2, 2026, 10:20 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 8.7
remediation: 0.0
relevance: 9.8
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.