mcp-framework Denial-of-Service Vulnerability via Unbounded HTTP Request Body Handling

Vulnerability

A denial-of-service vulnerability has been identified in mcp-framework versions through 0.2.21. The issue arises in the readRequestBody() function of the HTTP transport, where request body chunks are concatenated into a string without any size limit. Although a maxMessageSize configuration option exists, it is not enforced, allowing remote unauthenticated attackers to send large POST requests to /mcp, causing memory exhaustion and crashing the server.

Impact

Exploitation of this vulnerability leads to memory exhaustion, causing the server to crash. The readRequestBody() function processes data before any authentication checks, and the existing maxMessageSize configuration is not enforced, creating a false sense of security.

Reproduction

The vulnerability can be reproduced by sending a large POST request, such as one exceeding 50MB, to the /mcp endpoint of an mcp-framework HTTP server. This can be done using tools like Postman or curl, by selecting the 'POST' method and uploading a large file as the request body.

Remediation

Users can update to mcp-framework version 0.2.22 or later, where this vulnerability has been fixed.
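As an added illustration (not code from mcp-framework or from its 0.2.22 fix), the JavaScript below puts the unbounded accumulation pattern described in the Vulnerability section beside a bounded body reader that actually enforces a maxMessageSize byte limit, the property the advisory says was missing. The PayloadTooLargeError class, the fakeRequest helper, the 4 MiB limit and the sample chunks are assumptions made for this example; the real transport's types and option plumbing are not shown.

```javascript
// Added example (not mcp-framework's own code): unbounded body accumulation
// next to a bounded replacement. Assumed: the request is an async iterable of
// Buffer chunks (as http.IncomingMessage is) and maxMessageSize is a byte count.

class PayloadTooLargeError extends Error {
  constructor(limit, received) {
    super(`request body exceeds maxMessageSize (${limit} bytes); received ${received}`);
    this.name = 'PayloadTooLargeError';
    this.statusCode = 413; // HTTP 413 Payload Too Large
    this.limit = limit;
    this.received = received;
  }
}

// Vulnerable shape: every chunk is appended to a string with no bound, so heap
// usage grows with whatever the client sends until the process runs out of memory.
function readRequestBodyUnbounded(chunks) {
  let body = '';
  for (const chunk of chunks) body += chunk.toString();
  return body;
}

// Bounded accumulator over an already-materialised list of chunks. Bytes are
// counted before a chunk is retained, so the limit is never exceeded in memory.
function accumulateBounded(chunks, maxMessageSize) {
  const parts = [];
  let received = 0;
  for (const chunk of chunks) {
    const buf = Buffer.isBuffer(chunk) ? chunk : Buffer.from(String(chunk));
    received += buf.length;
    if (received > maxMessageSize) throw new PayloadTooLargeError(maxMessageSize, received);
    parts.push(buf);
  }
  return Buffer.concat(parts, received).toString('utf8');
}

// Streaming form for a live request: reject an oversized Content-Length before
// reading anything, then apply the same per-chunk check as data arrives and
// destroy the connection so the client cannot keep pushing bytes.
async function readRequestBodyBounded(req, maxMessageSize) {
  const declared = Number(req.headers && req.headers['content-length']);
  if (Number.isFinite(declared) && declared > maxMessageSize) {
    throw new PayloadTooLargeError(maxMessageSize, declared);
  }
  const parts = [];
  let received = 0;
  for await (const chunk of req) {
    const buf = Buffer.isBuffer(chunk) ? chunk : Buffer.from(String(chunk));
    received += buf.length;
    if (received > maxMessageSize) {
      if (typeof req.destroy === 'function') req.destroy();
      throw new PayloadTooLargeError(maxMessageSize, received);
    }
    parts.push(buf);
  }
  return Buffer.concat(parts, received).toString('utf8');
}

// Constructed sample inputs (not real traffic): a small JSON-RPC-style body and
// eight 1 MiB chunks standing in for an oversized POST.
const SMALL_CHUNKS = [Buffer.from('{"jsonrpc":"2.0",'), Buffer.from('"method":"ping","id":1}')];
const OVERSIZED_CHUNKS = Array.from({ length: 8 }, () => Buffer.alloc(1024 * 1024, 0x41));
const LIMIT = 4 * 1024 * 1024; // 4 MiB, an assumed maxMessageSize value

// Minimal stand-in for http.IncomingMessage: headers plus an async chunk iterator.
function fakeRequest(chunks, headers = {}) {
  return {
    headers,
    destroyed: false,
    destroy() { this.destroyed = true; },
    async *[Symbol.asyncIterator]() { for (const c of chunks) yield c; },
  };
}

async function demo() {
  console.log('small body:', accumulateBounded(SMALL_CHUNKS, LIMIT));
  try { accumulateBounded(OVERSIZED_CHUNKS, LIMIT); } catch (e) { console.log('rejected:', e.message); }
  const req = fakeRequest(OVERSIZED_CHUNKS, { 'content-length': String(8 * 1024 * 1024) });
  await readRequestBodyBounded(req, LIMIT).catch((e) => console.log('rejected early:', e.message));
}
demo();
```

The Content-Length pre-check is only an optimisation: a request using chunked transfer encoding carries no Content-Length, so the per-chunk count is the check that actually bounds memory. Because the advisory notes that readRequestBody() runs before any authentication, the limit has to be applied at this layer rather than after parsing, which is why the check sits inside the read loop and tears down the connection on the first excess chunk.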

Added: Apr 16, 2026, 10:38 PM
Updated: Apr 16, 2026, 10:38 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 8.7
remediation: 0.0
relevance: 6.1
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.