AlejandroArciniegas mcp-data-vis SQL Injection Vulnerability

Vulnerability

A SQL injection vulnerability has been identified in AlejandroArciniegas mcp-data-vis version 1.0.0. The issue resides in the MCP Handler component, specifically within the Request function of the file src/servers/database/server.js. The handler interpolates the caller-supplied schema value directly into a SQL statement, which is then executed without validation or parameterization, so an attacker can manipulate the resulting SQL. Exploitation can lead to unauthorized access to, modification of, or deletion of data in the application's SQLite database. The vulnerability can be exploited remotely, and a public exploit is available.

Impact

Exploitation of this vulnerability allows for SQL injection, where an attacker can execute arbitrary SQL commands. This could result in unauthorized data access, data manipulation, or even deletion of database tables, potentially disrupting the application's functionality.

Reproduction

The vulnerability can be reproduced by sending a JSON-RPC request to the MCP server that invokes the 'create_table' method. The 'schema' parameter can be crafted to include malicious SQL commands, such as dropping a database table, which demonstrates the injection attack.

Remediation

It is recommended to remove support for user-supplied raw schema inputs, replace them with a strictly validated structured schema definition, and limit access to the database MCP server to trusted users and transports.
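The remediation above calls for a strictly validated structured schema definition in place of raw schema text. The following is an added example, not mcp-data-vis's own code, of what such a definition and its validation could look like for a hypothetical create_table handler: table and column names must match an identifier pattern, column types come from an allowlist, and only the DDL assembled from those validated parts reaches SQLite (the `db.exec` interface is assumed).

```javascript
// Added example (not from mcp-data-vis): build CREATE TABLE only from a
// structured, validated schema object instead of raw schema text.
const ALLOWED_TYPES = new Set(['INTEGER', 'REAL', 'TEXT', 'BLOB']);
// SQLite identifiers are restricted to a conservative pattern; anything else
// (quotes, semicolons, whitespace, comment markers) is rejected outright.
const IDENT = /^[A-Za-z_][A-Za-z0-9_]{0,63}$/;

function validateIdentifier(name, what) {
  if (typeof name !== 'string' || !IDENT.test(name)) {
    throw new Error(`invalid ${what}: ${JSON.stringify(name)}`);
  }
  return name;
}

// schema: { table: string, columns: [{ name, type, primaryKey?, notNull? }] }
function buildCreateTable(schema) {
  if (!schema || !Array.isArray(schema.columns) || schema.columns.length === 0) {
    throw new Error('schema must define at least one column');
  }
  const table = validateIdentifier(schema.table, 'table name');
  const seen = new Set();
  const cols = schema.columns.map((c) => {
    const name = validateIdentifier(c.name, 'column name');
    if (seen.has(name)) throw new Error(`duplicate column: ${name}`);
    seen.add(name);
    const type = String(c.type).toUpperCase();
    if (!ALLOWED_TYPES.has(type)) throw new Error(`unsupported type: ${c.type}`);
    let def = `"${name}" ${type}`;
    if (c.primaryKey === true) def += ' PRIMARY KEY';
    if (c.notNull === true) def += ' NOT NULL';
    return def;
  });
  return `CREATE TABLE "${table}" (${cols.join(', ')})`;
}

// Hypothetical JSON-RPC handler: params carry the structured schema, never
// raw SQL. `db` is assumed to expose exec(sql) as better-sqlite3 does.
function handleCreateTable(params, db) {
  const sql = buildCreateTable(params && params.schema);
  db.exec(sql);
  return { created: params.schema.table, sql };
}
```

Pair this with the other recommended control, restricting which users and transports can reach the database MCP server, since validation limits what a request can do but not who can send one.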

Added: Apr 2, 2026, 6:18 AM
Updated: Apr 2, 2026, 6:18 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 3.1
exploitability: 8.7
remediation: 0.0
relevance: 5.1
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.