0xKoda WireMCP Command Injection Vulnerability in Tshark CLI Command Handler
Vulnerability
A command injection vulnerability exists in 0xKoda WireMCP versions through 7f45f8b2b4adeb76be8c6227eefb38533fdd6b1e. The issue arises in the 'server.tool' function of 'index.js', within the Tshark CLI Command Handler component. This vulnerability allows for arbitrary OS command execution by injecting shell metacharacters into commands that are executed via 'child_process.exec'. The exploitation must be performed locally.
Impact
Successful exploitation allows for arbitrary command execution on the host machine, with the same privileges as the WireMCP process.
Reproduction
To reproduce this vulnerability, start the WireMCP server and connect to it using an MCP client. Once connected, select the 'capture_packets' tool and inject a command through the 'interface' parameter by appending shell metacharacters, such as '&', to the input. When the tool is executed, the injected command will be executed on the server.
Remediation
It is recommended to replace 'child_process.exec' with 'execFile' or 'spawn', using argument arrays and disabling shell execution. Additionally, apply strict input validation to all parameters exposed to MCP clients.