Duartium Papers-MCP-Server Path Traversal Vulnerability in the Search_Papers Function

A path traversal vulnerability has been identified in Duartium Papers-MCP-Server version 0.1.0, specifically in the search_papers function of the file src/main.py. The vulnerability arises because the function allows manipulation of the topic argument, which is used to create a directory name under the papers directory. The server only lowercases the topic string and replaces spaces with underscores, while traversal sequences and path separators remain intact. This oversight enables an attacker to escape the intended directory and write a JSON file containing arbitrary data to a location outside the application's designated workspace. The vulnerability can be exploited remotely, and a public exploit is available.

Impact

Exploitation of this vulnerability allows for path traversal, where an attacker can manipulate the topic argument to escape the intended directory and overwrite or create files in arbitrary locations on the server. This could lead to unauthorized access to sensitive information or disruption of service, depending on the files targeted.

Reproduction

To reproduce this vulnerability, invoke the search_papers function with a topic argument that includes traversal sequences, such as '../../../../tmp/papers_poc'. The server will create a directory at the specified path and write a JSON file inside it, effectively escaping the intended papers directory.