dubydu sqlite-mcp SQL Injection Vulnerability in extract_to_json Function

Vulnerability

A SQL injection vulnerability has been identified in dubydu sqlite-mcp versions through 0.1.0. The issue lies in the extract_to_json function in src/entry.py, where the output_filename parameter is not properly sanitized. Manipulating output_filename allows arbitrary file writes, leading to potential SQL injection. The vulnerability can be exploited remotely, and a public exploit is available.

Impact

Exploitation of this vulnerability allows for SQL injection, with the potential to overwrite arbitrary JSON files writable by the service account. This could lead to unauthorized data manipulation or disclosure.

Reproduction

To reproduce this vulnerability, invoke the extract_to_json function with a crafted output_filename containing directory traversal sequences, such as '../../../../tmp/evil.json'. The function rewrites the filename to carry the .json extension and writes the database contents to the resulting path, bypassing the intended directory restriction.
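The weak pattern described above, beside a hardened path check, as an added Python example; this is illustrative code written for this page, not sqlite-mcp's own src/entry.py, and EXPORT_DIR, unsafe_output_path, safe_output_path and the helper names are assumed.

```python
import os
from pathlib import Path

# Constructed example: the directory the service intends to confine its
# JSON exports to. Not taken from the project.
EXPORT_DIR = Path("/var/lib/sqlite-mcp/exports")


def unsafe_output_path(output_filename: str) -> Path:
    """Weak pattern from the advisory: force a .json extension and join the
    caller's name onto the export directory with no containment check.
    Traversal segments in output_filename survive the join."""
    if not output_filename.endswith(".json"):
        output_filename += ".json"
    return EXPORT_DIR / output_filename


def escapes_export_dir(path: Path) -> bool:
    """True when the lexically normalised path lies outside EXPORT_DIR."""
    normalised = Path(os.path.normpath(str(path)))
    return normalised.parent != EXPORT_DIR


def safe_output_path(output_filename: str) -> Path:
    """Hardened form: accept only a bare filename, then verify that the
    resolved result still lives directly under EXPORT_DIR. Rejecting (rather
    than silently stripping) keeps traversal attempts visible in error logs."""
    if not output_filename or output_filename in {".", ".."}:
        raise ValueError("invalid output filename")
    if any(ch in output_filename for ch in ("/", "\\", "\x00")):
        raise ValueError("output filename must not contain path separators")
    name = output_filename
    if not name.endswith(".json"):
        name += ".json"
    candidate = (EXPORT_DIR / name).resolve()
    # Defence in depth: resolve() follows symlinks, so re-check containment.
    if candidate.parent != EXPORT_DIR.resolve():
        raise ValueError("output path escapes export directory")
    return candidate


def accepts(output_filename: str) -> bool:
    """Convenience wrapper: does the hardened check accept this name?"""
    try:
        safe_output_path(output_filename)
        return True
    except ValueError:
        return False
```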

Remediation

Users are advised to update to the patched version of sqlite-mcp, which is available on the project's GitHub repository.

Added: Apr 28, 2026, 1:19 AM
Updated: Apr 28, 2026, 1:19 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 3.1
exploitability: 8.7
remediation: 0.0
relevance: 6.6
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.