This is a summary of the AI-generated 10-question deep analysis.
Q1 What is this vulnerability? (Essence + Consequences)
**Essence**: A critical authorization flaw in LibreChat's MCP stdio transport. **Consequences**: Allows arbitrary command execution with **root privileges** inside the container via a single API request.…
**CWE**: CWE-285 (Improper Authorization). **Flaw**: The MCP stdio transport accepts **arbitrary commands** without proper validation. **Root Cause**: Lack of input verification on command execution pathways.
Q3 Who is affected? (Versions/Components)
**Product**: LibreChat (by danny-avila). **Affected Versions**: **v0.8.2-rc2 and earlier**. **Fixed**: Versions after v0.8.2-rc2.
Q4 What can hackers do? (Privileges/Data)
**Privileges**: **Root** access within the container. **Data**: Full read/write access to container filesystem and processes. **Scope**: Any authenticated user can exploit this to escalate privileges.
Q5 Is exploitation threshold high? (Auth/Config)
**Auth Required**: **Yes**. The attacker must be an **authenticated user**. **Network**: Network-accessible (AV:N). **Complexity**: Low (AC:L).…
**Public Exploit**: No public PoC or wild exploitation code available in the provided data. **Status**: Referenced via GitHub commit and security advisory (GHSA-cxhj-j78r-p88f).
Q7 How to self-check? (Features/Scanning)
**Check**: Verify your LibreChat version. **Action**: If version < **v0.8.2-rc2**, you are vulnerable. **Scan**: Look for MCP stdio transport configurations in your deployment.…
**Fixed**: Yes. **Patch**: Upgrade to **LibreChat v0.8.2-rc2 or later**. **Reference**: See GitHub commit `211b39f` and GHSA advisory for details.
Q9 What if no patch? (Workaround)
**Workaround**: If patching is impossible, **restrict network access** to the API. **Mitigation**: Ensure only trusted users have authenticated access.…
**Priority**: **CRITICAL**. **Urgency**: Immediate action required. **CVSS**: High severity (H/H/H). **Time**: Patch as soon as possible to prevent root container takeover.