r-huijts xcode-mcp-server Command Injection Vulnerability in run_lldb Tool

A command injection vulnerability has been identified in the r-huijts xcode-mcp-server application, specifically in the 'run_lldb' tool. This issue is present in versions up to and including the commit f3419f00117aa9949e326f78cc940166c88f18cb. The vulnerability arises in the 'registerXcodeTools' function within 'src/tools/xcode/index.ts', where the 'args' parameter is manipulated, leading to arbitrary command execution. This exploitation can be performed remotely.

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the server where the xcode-mcp-server is running. The impact varies based on the deployment model of the MCP service. In a local deployment without sandboxing, the command injection could lead to arbitrary code execution with the current user's privileges. In a remote, multi-tenant SaaS deployment, this could result in a critical cross-tenant compromise.

Reproduction

To reproduce this vulnerability, send a request to the 'run_lldb' tool with the 'args' parameter containing the payload. The server will execute the injected command on the host machine.

Remediation

The vulnerability has been patched in the commit 11f8d6bacadd153beee649f92a78a9dad761f56f. Users are advised to update to the latest version.