BurtTheCoder mcp-dnstwist OS Command Injection Vulnerability

Vulnerability

An OS command injection vulnerability has been identified in BurtTheCoder mcp-dnstwist version 1.0.4. The issue resides in the fuzz_domain function within the MCP Interface component, specifically in the src/index.ts file. The vulnerability allows for the injection of shell metacharacters into the nameservers parameter, which is then executed as a command without proper validation or escaping. This flaw can be exploited remotely, potentially leading to arbitrary command execution on the server hosting the MCP interface.

Impact

Exploitation of this vulnerability allows for arbitrary OS command execution on the MCP server host, with the same privileges as the server process. This could result in a full compromise of the host, including unauthorized access to sensitive data, disruption of services, and modification of files or execution of additional payloads with elevated privileges.

Reproduction

To reproduce this vulnerability, install the mcp-dnstwist package in a Node.js environment with Docker installed. Start the MCP server using the 'mcp-inspector' tool. Once the server is running, invoke the 'fuzz_domain' tool through the MCP interface, supplying a crafted string that includes shell metacharacters in the 'nameservers' parameter. The injected command will be executed on the server, and the response can be validated to confirm successful exploitation.

Remediation

Users are advised to update to version 1.0.5 or later, where this vulnerability has been fixed. If an immediate update is not possible, consider restricting access to the 'fuzz_domain' tool and applying strict validation to user-controlled parameters before execution.
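The remediation above amounts to two changes: never hand a user-controlled value to a shell, and validate the value against what a nameserver list can legitimately contain. The following TypeScript is an added illustration written for this advisory; it is not the mcp-dnstwist source and does not reproduce the project's actual code. The unsafe builder shows the general shape of the flaw (string concatenation into a shell command), and the hardened path shows a fix: an allow-list check on each nameserver (IPv4, IPv6 or hostname syntax, which also rejects a leading '-' so no value can be read as an option) followed by execFile with an argv array, so no shell ever parses the input. The wrapper function names and the choice of a local dnstwist binary are assumptions; the '--nameservers' and '--format json' flags are dnstwist's own.

```typescript
import { execFile } from "node:child_process";
import { promisify } from "node:util";

const execFileAsync = promisify(execFile);

// Unsafe shape (constructed for illustration, not the project's source):
// the user-controlled nameservers string is spliced into one shell command
// line, so any shell metacharacter in it changes what the shell runs.
export function buildShellCommandUnsafe(domain: string, nameservers: string): string {
  return `dnstwist --nameservers ${nameservers} ${domain}`;
}

// Allow-list syntax checks. These are deliberately strict: anything that is
// not plain IP / hostname characters is rejected, which excludes every shell
// metacharacter as well as option-looking values that start with '-'.
const IPV4 =
  /^(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)\.){3}(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)$/;
// Loose IPv6 check: hex digits, ':' and '.', at least one colon, bounded length.
const IPV6 = /^(?=.*:)[0-9A-Fa-f:.]{2,45}$/;
const HOSTNAME =
  /^(?=.{1,253}$)(?:[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)*[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$/;

export function isNameserver(value: string): boolean {
  return IPV4.test(value) || IPV6.test(value) || HOSTNAME.test(value);
}

// Parse the comma-separated nameservers parameter, failing closed on any
// element that does not look like a nameserver.
export function parseNameservers(input: string): string[] {
  const parts = input.split(",").map((s) => s.trim());
  if (parts.length > 8) {
    throw new Error("too many nameservers");
  }
  for (const p of parts) {
    if (!isNameserver(p)) {
      throw new Error(`invalid nameserver: ${JSON.stringify(p)}`);
    }
  }
  return parts;
}

// Build an argv array for dnstwist. Each element is passed to the process
// as-is; there is no shell to interpret ';', '|', '$(' or backticks.
export function buildArgs(domain: string, nameservers?: string): string[] {
  if (!HOSTNAME.test(domain)) {
    throw new Error(`invalid domain: ${JSON.stringify(domain)}`);
  }
  const args = ["--format", "json"];
  if (nameservers !== undefined && nameservers !== "") {
    args.push("--nameservers", parseNameservers(nameservers).join(","));
  }
  args.push(domain);
  return args;
}

// Hardened runner (assumed wrapper; assumes a dnstwist binary on PATH).
// execFile never spawns a shell, so validated argv is the only input.
export async function runDnstwist(domain: string, nameservers?: string): Promise<unknown> {
  const args = buildArgs(domain, nameservers);
  const { stdout } = await execFileAsync("dnstwist", args, {
    timeout: 120_000,
    maxBuffer: 16 * 1024 * 1024,
  });
  return JSON.parse(stdout);
}
```

If the server runs dnstwist through Docker, as the reproduction environment suggests, the same rule applies: build a single argv array for docker ('run', image name, then the validated dnstwist arguments) and pass it to execFile rather than concatenating a command line. Validation before the call is still worthwhile even with execFile, because a value beginning with '-' would otherwise reach dnstwist as an option.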

Added: Apr 29, 2026, 11:18 PM
Updated: Apr 29, 2026, 11:18 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 8.7
remediation: 0.0
relevance: 7.0
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.