Divyanshu-hash GitPilot-MCP Command Injection Vulnerability

Vulnerability

A command injection vulnerability has been identified in Divyanshu-hash GitPilot-MCP versions up to 9ed9f153ba4158a2ad230ee4871b25130da29ffd. The issue arises in the 'repo_path' function of 'main.py', where the 'command' argument is not properly validated before being executed with 'shell=True'. This flaw allows remote attackers to inject and execute arbitrary shell commands. The vulnerability has been publicly disclosed and is exploitable.

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the host system, with potential impacts on confidentiality, integrity, and availability. According to the vulnerability database VulDB, this vulnerability could be exploited to read arbitrary files, modify files within the repository and on the host, and disrupt continuous integration workflows.

Reproduction

To reproduce this vulnerability, invoke the 'run_tests' tool with a malicious 'command' argument. Ensure that 'repo_path' points to an existing directory. The injected command will be executed in the specified directory, allowing verification of the command injection via the command's side effects.
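As an added illustration (not code from the GitPilot-MCP project), the weak pattern the advisory describes is shown beside a hardened form for a 'run_tests'-style tool: the 'command' string is tokenised with shlex instead of being handed to a shell, the runner is checked against an allowlist, and 'repo_path' must be an existing directory under a permitted root. The names ALLOWED_RUNNERS, build_test_argv, hardened_run_tests, rejects and allowed_root are assumptions made here.

```python
import os
import shlex
import subprocess
from pathlib import Path

# Hypothetical allowlist of test runners the tool may launch (assumption, not from the project).
ALLOWED_RUNNERS = {"pytest", "python", "python3", "npm", "go"}


def vulnerable_run_tests(repo_path: str, command: str) -> subprocess.CompletedProcess:
    """The weak pattern the advisory describes: the caller-supplied string reaches
    /bin/sh unvalidated, so ';', '|', '$(...)' etc. are interpreted as shell syntax."""
    return subprocess.run(command, shell=True, cwd=repo_path, capture_output=True, text=True)


def build_test_argv(repo_path: str, command: str, allowed_root: str) -> list:
    """Validate inputs and return an argv list for shell=False execution.
    Raises ValueError on anything outside policy; never builds a shell string."""
    root = Path(allowed_root).resolve()
    repo = Path(repo_path).resolve()
    # repo_path must be an existing directory inside the permitted root (no escaping via '..')
    if not repo.is_dir() or root not in (repo, *repo.parents):
        raise ValueError("repo_path is not a directory under the allowed root")
    argv = shlex.split(command)  # tokenise like a shell would, but no shell ever runs
    if not argv:
        raise ValueError("empty command")
    if os.path.basename(argv[0]) not in ALLOWED_RUNNERS:
        raise ValueError(f"runner not allowed: {argv[0]!r}")
    # With shell=False every remaining token is a literal argument to the runner;
    # metacharacters are passed through as text, not interpreted.
    return argv


def hardened_run_tests(repo_path: str, command: str, allowed_root: str) -> subprocess.CompletedProcess:
    argv = build_test_argv(repo_path, command, allowed_root)
    return subprocess.run(argv, shell=False, cwd=repo_path, capture_output=True, text=True)


def rejects(repo_path: str, command: str, allowed_root: str) -> bool:
    """Check a policy decision without executing anything."""
    try:
        build_test_argv(repo_path, command, allowed_root)
    except ValueError:
        return True
    return False
```

Note that "pytest $(echo x)" survives validation only because the runner is allowed; the tokens "$(echo" and "x)" reach pytest as literal arguments, which is the property that closes the injection.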

Added: Apr 25, 2026, 2:18 PM
Updated: Apr 25, 2026, 2:18 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 8.7
remediation: 0.0
relevance: 6.7
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.