ryanjoachim mcp-rtfm Path Traversal Vulnerability in Documentation File Handling

A path traversal vulnerability has been identified in ryanjoachim mcp-rtfm version 0.1.0. The issue arises in the MCP interface's document handling functions, where user-supplied file names are interpolated into file paths without proper validation. This flaw allows attackers to manipulate the file path and access files outside the intended directory. The vulnerability can be exploited remotely, potentially leading to unauthorized file read or write operations on the server.

Impact

Exploitation of this vulnerability allows for arbitrary file read or write access on the server, depending on the privileges of the MCP process. This could result in unauthorized data exposure, modification of critical files, and disruption of the application's normal operation.

Reproduction

To reproduce this vulnerability, use the MCP tool 'get_doc_content' with a traversal payload that includes '../' sequences to escape the '.handoff_docs' directory. Alternatively, the 'read_doc' and 'update_doc' tools can be used in conjunction to modify files outside the '.handoff_docs' directory, demonstrating the write capability of the vulnerability.

Remediation

The vulnerability has been patched in commit e6f0686fc36012f78236e7fed172c81444904b0b. Users are advised to update to the latest version.