MoussaabBadla Code-Screenshot-MCP OS Command Injection Vulnerability

A command injection vulnerability has been identified in MoussaabBadla's code-screenshot-mcp version 0.1.0. This vulnerability resides within the HTTP interface component, specifically in the generator.ts file. The issue allows attackers to execute arbitrary operating system commands by sending crafted input through request parameters. This unsanitized input is then passed to command execution functions, such as execAsync, with the same privileges as the server process. Exploitation of this vulnerability could lead to a complete compromise of the host, including unauthorized access to data, disruption of services, and alteration of system integrity.

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the server, with potential consequences including full host compromise, unauthorized data access, disruption of services, and alteration of server state.

Reproduction

To reproduce this vulnerability, send a request to the MCP HTTP interface that includes a command injection payload in the 'id' parameter. The injected command will be executed on the server, and the output can be captured by redirecting it to standard error.

Remediation

It is recommended to remove direct execution of shell commands from request-driven paths, replace free-form command inputs with fixed allowlists, and validate arguments before execution. Additionally, implement authentication and authorization controls on sensitive MCP HTTP handlers.