Mixelpixx Google-Search-MCP Server-Side Request Forgery Vulnerability

Vulnerability

A server-side request forgery (SSRF) vulnerability exists in Mixelpixx Google-Research-MCP version 0.1.0. The flaw is in the Model Context Protocol (MCP) handler, specifically the 'extractContent' function in 'src/services/content-extractor.service.ts', which fetches whatever URL the caller supplies. The URL is neither checked against a destination allowlist nor screened for private, loopback or link-local addresses, so an attacker who can invoke the tool can make the server issue outbound HTTP requests to destinations of their choosing, including hosts on the internal network and cloud instance metadata services. The root cause is that the application trusts user input for outbound requests without any destination control.
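The missing control is a destination check that runs before the fetch. The following is an added example written for this page, not code from Google-Research-MCP or its author; it assumes the URL arrives as a string and that the caller has already resolved the hostname (for example with dns.lookup(host, { all: true })) and passes in every returned address. Hostnames and addresses used in the comments are the standard special-use ranges, not identifiers taken from the project.

```typescript
// Added example (not code from Google-Research-MCP): an outbound-target check
// intended to run before a function such as extractContent fetches a
// caller-supplied URL. Assumption: the caller has resolved the hostname
// (e.g. dns.lookup(host, { all: true })) and passes every address in.
import { isIP } from "node:net";

// Special-use IPv4 ranges that an outbound fetcher should never reach.
const BLOCKED_V4: Array<[string, number]> = [
  ["0.0.0.0", 8],       // "this" network
  ["10.0.0.0", 8],      // RFC 1918
  ["100.64.0.0", 10],   // carrier-grade NAT
  ["127.0.0.0", 8],     // loopback
  ["169.254.0.0", 16],  // link-local, includes cloud metadata 169.254.169.254
  ["172.16.0.0", 12],   // RFC 1918
  ["192.168.0.0", 16],  // RFC 1918
  ["224.0.0.0", 4],     // multicast
  ["240.0.0.0", 4],     // reserved and broadcast
];

function ipv4ToInt(ip: string): number {
  return ip.split(".").reduce((acc, octet) => (acc << 8) + Number(octet), 0) >>> 0;
}

function inCidr4(ip: string, base: string, bits: number): boolean {
  const mask = bits === 0 ? 0 : (~0 << (32 - bits)) >>> 0;
  return ((ipv4ToInt(ip) & mask) >>> 0) === ((ipv4ToInt(base) & mask) >>> 0);
}

function isBlockedV4(ip: string): boolean {
  return BLOCKED_V4.some(([base, bits]) => inCidr4(ip, base, bits));
}

function isBlockedV6(ip: string): boolean {
  const v6 = ip.toLowerCase();
  if (v6 === "::" || v6 === "::1") return true; // unspecified, loopback
  // IPv4-mapped addresses: the WHATWG URL parser serialises ::ffff:127.0.0.1
  // as ::ffff:7f00:1, so both the dotted and the hex spelling are checked.
  const dotted = v6.match(/^::ffff:(\d+\.\d+\.\d+\.\d+)$/);
  if (dotted) return isBlockedV4(dotted[1]);
  const hex = v6.match(/^::ffff:([0-9a-f]{1,4}):([0-9a-f]{1,4})$/);
  if (hex) {
    const hi = parseInt(hex[1], 16), lo = parseInt(hex[2], 16);
    return isBlockedV4(`${hi >> 8}.${hi & 255}.${lo >> 8}.${lo & 255}`);
  }
  // fe80::/10 link-local, fc00::/7 unique-local, ff00::/8 multicast
  return /^fe[89ab]/.test(v6) || /^f[cd]/.test(v6) || /^ff/.test(v6);
}

// Fail closed: anything that is not a well-formed public address is blocked.
export function isBlockedAddress(addr: string): boolean {
  const family = isIP(addr);
  if (family === 4) return isBlockedV4(addr);
  if (family === 6) return isBlockedV6(addr);
  return true;
}

export interface TargetCheck { allowed: boolean; reason: string; }

// Decide whether the server may fetch rawUrl. resolvedAddresses are the
// A/AAAA answers for its hostname; allowedHosts, when given, is a strict
// destination allowlist, the stronger of the two controls.
export function checkOutboundTarget(
  rawUrl: string,
  resolvedAddresses: string[],
  allowedHosts?: string[],
): TargetCheck {
  let url: URL;
  try { url = new URL(rawUrl); } catch { return { allowed: false, reason: "unparseable URL" }; }
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    return { allowed: false, reason: `scheme ${url.protocol} not allowed` };
  }
  if (url.username || url.password) return { allowed: false, reason: "credentials embedded in URL" };
  // new URL() canonicalises hosts such as 2130706433 or 0x7f000001 to 127.0.0.1;
  // IPv6 literals come back bracketed, so strip the brackets before inspection.
  const host = url.hostname.replace(/^\[|\]$/g, "").toLowerCase();
  if (allowedHosts && !allowedHosts.includes(host)) {
    return { allowed: false, reason: `host ${host} not in allowlist` };
  }
  if (host === "localhost" || host.endsWith(".localhost")) {
    return { allowed: false, reason: "loopback hostname" };
  }
  // Literal IPs are checked directly; names are judged by every address they resolve to.
  const candidates = isIP(host) ? [host] : resolvedAddresses;
  if (candidates.length === 0) return { allowed: false, reason: "hostname did not resolve" };
  for (const addr of candidates) {
    if (isBlockedAddress(addr)) {
      return { allowed: false, reason: `${host} resolves to blocked address ${addr}` };
    }
  }
  return { allowed: true, reason: "ok" };
}
```

Two caveats apply when wiring this in. The check must be repeated for every redirect hop, because a public host can 302 to a metadata address. And the connection must be made to the address that was checked rather than re-resolving the name (for example via the lookup option of the HTTP client), otherwise a DNS rebinding attacker can return a public address for the check and a private one for the fetch.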

Impact

Exploitation of this vulnerability allows for arbitrary HTTP requests to be made from the server's network context, potentially accessing internal resources or cloud metadata services.

Reproduction

To reproduce, send a tool call to the MCP server that targets the 'google_search' tool and place in its 'arguments' a URL that points either to a listener you control or to an internal resource. If the server processes the call and fetches the supplied URL (for example, your listener records an inbound connection from the server), the vulnerability is confirmed.

Added: Apr 3, 2026, 4:19 PM
Updated: Apr 3, 2026, 4:19 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 1.3
exploitability: 8.2
remediation: 0.0
relevance: 5.2
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.