sigmade Git-MCP-Server Command Injection Vulnerability
Vulnerability
A command injection vulnerability exists in sigmade Git-MCP-Server versions through 785aa159f262a02d5791a5d8a8e13c507ac42880. The issue arises from the unsafe use of the child_process.execSync function in the file src/gitUtils.ts: user-controlled values are interpolated into a shell command string, so shell metacharacters in those values are interpreted by the shell rather than passed to git. The affected components include show_merge_diff, quick_merge_summary, and show_file_diff. The vulnerability allows arbitrary OS command execution; exploitation must be initiated locally.
Impact
Exploitation of this vulnerability allows for arbitrary command execution on the server where Git-MCP-Server is running.
Reproduction
To reproduce this vulnerability, first upload the proof-of-concept file 'Git-MCP-Server bug.pdf' to the 'poc.txt' file. Then run the 'show_merge_diff' tool with the injected command substituted for the 'fromBranch' and 'toBranch' parameters. The command that is actually executed is 'git diff --name-only HEAD&whoami > poc.txt&echo..HEAD', which demonstrates the injection: the shell runs 'whoami' and writes its output to 'poc.txt'.
Remediation
A patch has been developed and is available as a pull request on the Git-MCP-Server repository. The patch replaces execSync with execFileSync, which runs the git binary directly without a shell and receives its arguments as an array. Each argument reaches git as a single literal value, so shell metacharacters in a branch name are no longer interpreted as command separators or redirections.
