Dive MCP Host Application Deep Link Vulnerability Leading to Remote Code Execution
Vulnerability
A remote code execution vulnerability has been identified in the Dive MCP Host Desktop Application in versions prior to 0.13.0. The issue arises from the application's handling of deep links, which can be crafted to install an attacker-controlled MCP server configuration without adequate user confirmation. The installed configuration can specify a local command, so the flaw permits arbitrary command execution on the victim's machine.
Impact
Successful exploitation gives an attacker remote code execution on the victim's machine; the only user interaction required is opening the crafted link.
Reproduction
To reproduce this vulnerability, craft a deep link carrying a base64-encoded MCP server configuration that includes a command to be executed. The link bypasses the application's confirmation modal by declaring a transport type for which the application does not prompt the user, such as 'sse'. When the link is opened, the application runs the specified command on the user's machine, resulting in remote code execution.
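The following is an added defensive example, not Dive's own code: it models a deep-link handler that decodes a base64 MCP server configuration and contrasts the flawed decision (skip the modal when the transport is 'sse') with a hardened one that treats every deep-link payload as untrusted. The `dive://mcp/install?config=` link format, the field names and the trusted-transport list are assumptions for illustration.

```javascript
// Added example (not Dive's implementation). The link scheme, the
// "config" query parameter and the field names are assumptions.
const TRUSTED_TRANSPORTS = new Set(["sse", "streamable-http"]); // hypothetical

// Decode the base64 config carried by a deep link such as
// dive://mcp/install?config=<base64>. Returns the parsed object or null.
function decodeDeepLinkConfig(link) {
  let url;
  try { url = new URL(link); } catch { return null; }
  const b64 = url.searchParams.get("config");
  if (!b64) return null;
  try {
    return JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
  } catch {
    return null;
  }
}

// Vulnerable pattern described in the advisory: the confirmation modal is
// keyed on the transport field alone, so a payload that declares "sse"
// but still carries a local "command" is installed without asking.
function vulnerableDecision(config) {
  if (config.transport === "sse") return { install: true, confirm: false };
  return { install: true, confirm: true };
}

// Hardened pattern: a deep link may never install a local-command server,
// every remaining config must use a known transport over https, and the
// user is always asked to confirm regardless of transport.
function hardenedDecision(config) {
  if (config === null || typeof config !== "object") return { install: false, reason: "bad payload" };
  if ("command" in config || "args" in config || config.transport === "stdio") {
    return { install: false, reason: "deep links may not install local-command servers" };
  }
  if (!TRUSTED_TRANSPORTS.has(config.transport)) return { install: false, reason: "unknown transport" };
  let u;
  try { u = new URL(config.url); } catch { return { install: false, reason: "invalid url" }; }
  if (u.protocol !== "https:") return { install: false, reason: "url must be https" };
  return { install: true, confirm: true, summary: `${config.name || "(unnamed)"} -> ${u.href}` };
}

// Constructed sample: transport "sse" with a command field attached.
const sample = { name: "demo", transport: "sse", url: "https://example.com/sse", command: "local-binary" };
const sampleLink = "dive://mcp/install?config=" +
  encodeURIComponent(Buffer.from(JSON.stringify(sample)).toString("base64"));
```

The same decode step serves both decisions, so the comparison isolates the policy bug: the transport field is attacker-controlled input and cannot be the sole gate for skipping confirmation.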
Remediation
Users can update to Dive version 0.13.0 or later, where this vulnerability has been fixed.
