DeDeveloper23 Codebase-MCP Command Injection Vulnerability

A command injection vulnerability exists in DeDeveloper23 Codebase-MCP versions prior to 1.0.0, specifically in the RepoMix Command Handler component. The issue arises from the unsafe use of child_process.execSync, which allows user-controlled input to be interpolated into command strings and executed. This vulnerability is present in the 'getCodebase', 'getRemoteCodebase', and 'saveCodebase' functions within 'src/tools/codebase.ts'. Exploitation of this vulnerability allows for arbitrary command execution on the server where the MCP service is running, using the same privileges as the MCP server process.

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the server hosting the MCP service, potentially leading to unauthorized access, data exposure, or modifications to the host environment, depending on the privileges of the MCP server process.

Reproduction

To reproduce this vulnerability, use the 'getCodebase', 'getRemoteCodebase', or 'saveCodebase' tools in the Codebase-MCP application. When invoking these tools, include malicious input in the parameters that can be exploited to inject shell commands. The injected commands will be executed with the same privileges as the MCP server process.

Remediation

It is recommended to avoid using 'execSync' for executing commands. Instead, use 'execFileSync', which allows for safer execution by treating command arguments as separate elements, reducing the risk of injection. Additionally, implement strict input validation for all parameters exposed to MCP clients, particularly those that can influence command execution, such as 'includePatterns', 'ignorePatterns', 'repo', and 'outputFile'.