OpenClaude MCP OAuth State Validation Bypass Leading to Denial-of-Service

Vulnerability

A vulnerability in OpenClaude's MCP authentication flow allows for an OAuth state validation bypass, leading to a denial-of-service condition. The issue arises because the authentication process relies on a temporary local HTTP server to manage OAuth callbacks. To mitigate CSRF attacks, the server checks the 'state' parameter against a stored value. However, a logic flaw in the conditional checks enables an attacker to bypass this validation entirely. By sending a request with an 'error' parameter, the attacker can force the server to shut down, disrupting the user's authentication session without needing to know the 'state' value.

Impact

Exploiting this vulnerability terminates the user's OAuth session and shuts down the local callback server, causing a denial-of-service condition. The attack can be executed remotely through a malicious web page that initiates a cross-origin request, taking advantage of the CSRF vulnerability.

Reproduction

The vulnerability can be reproduced by saving a provided proof-of-concept script as 'poc.js' and running it with Node.js. This script sets up a local server that listens for OAuth callbacks. Once the server is running, a curl command can be used to send a request that includes the 'error' parameter. This request will bypass the state validation and cause the server to shut down, demonstrating the vulnerability.

Remediation

Users can update to OpenClaude version 0.5.1, which addresses this vulnerability by repositioning the state validation check to occur before any error parameters are processed.
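
The ordering change described above can be shown with a simplified model of the callback handler's decision logic. This is an added example, not OpenClaude's source code: the function names, the returned object shape, the choice to keep listening after a state mismatch, and the sample state value are all assumptions made for illustration.

```javascript
// Added illustration: simplified model of an OAuth callback handler's decision
// logic. Names and the return shape are hypothetical, not OpenClaude's code.

// Length-checked comparison that does not stop at the first differing character.
function sameState(received, expected) {
  if (typeof received !== 'string' || typeof expected !== 'string') return false;
  if (received.length !== expected.length) return false;
  let diff = 0;
  for (let i = 0; i < expected.length; i++) {
    diff |= received.charCodeAt(i) ^ expected.charCodeAt(i);
  }
  return diff === 0;
}

// Both orderings share the same branches; only the position of the state
// check relative to the 'error' branch differs.
function decide(query, expectedState, stateFirst) {
  const p = new URLSearchParams(query);
  const stateOk = sameState(p.get('state'), expectedState);
  // Assumption: an unauthenticated callback is rejected and the server keeps listening.
  const reject = { status: 400, shutdown: false, reason: 'state_mismatch' };
  if (stateFirst && !stateOk) return reject;          // corrected ordering
  if (p.has('error')) return { status: 400, shutdown: true, reason: 'oauth_error' };
  if (!stateOk) return reject;                        // flawed ordering reaches the check too late
  if (!p.get('code')) return { status: 400, shutdown: false, reason: 'missing_code' };
  return { status: 200, shutdown: true, reason: 'code_received' };
}

const decideFlawed = (query, state) => decide(query, state, false);
const decideFixed = (query, state) => decide(query, state, true);

// Constructed sample callbacks (not captured traffic).
const EXPECTED = 'constructed-state-123';
const samples = [
  'error=access_denied',                          // no state at all
  'error=access_denied&state=' + EXPECTED,        // genuine provider error
  'code=constructed-code&state=' + EXPECTED,      // normal success
];
for (const q of samples) {
  const a = decideFlawed(q, EXPECTED), b = decideFixed(q, EXPECTED);
  console.log(q, '| flawed:', a.reason, a.shutdown, '| fixed:', b.reason, b.shutdown);
}
```

A regression test for the fix should assert that a callback carrying 'error' without a matching 'state' leaves the listener running, while a genuine provider error with the correct 'state' still ends the flow.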

Added: Jun 2, 2026, 5:21 PM
Updated: Jun 2, 2026, 5:21 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 7.5
remediation: 0.0
relevance: 9.8
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.