This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: `GitSearchRequest` in `mcp_server.py` does not filter the `repo_url`/`pattern` parameters. π₯ **Consequence**: Can trigger **command injection** β Remote Code Execution (RCE).
Q2Root Cause? (CWE/Flaw)
π **Root Cause**: Input is not securely processed. π **Defect Point**: Suspected **CWE-77** (Command Injection). βοΈ User input is directly concatenated when constructing system commands.
πΎ **What Hackers Can Do**: - π οΈ Remotely execute arbitrary system commands. - ποΈ Read/modify sensitive files. - π΅οΈ Probe or control the server. - β No local privileges required.
π¨ **Existing Exploit Available**: - β Exploit code is publicly available. - π§ͺ Although PoC is not listed in the data, it is marked as **exploitable**. - β οΈ Risk of **in-the-wild exploitation** exists.
Q7How to self-check? (Features/Scanning)
π **Self-Check Method**: - π Check if using **MCP β€ 0.1.0**. - π Verify if `mcp_server.py` contains `GitSearchRequest`. - π§ͺ Search if `repo_url`/`pattern` are directly concatenated into commands. - π‘ Use network scanningβ¦
π **Official Fix Status**: - β **No patch available**. - π¬ The project team is aware (GitHub Issue #2), but has **not responded**. - π« No mitigation measures have been released yet.
Q9What if no patch? (Workaround)
π‘οΈ **Temporary Mitigation Measures**: - π Restrict network access to the `GitSearchRequest` API (firewall/IP whitelist). - π« Disable or remove the Git Search functionality. - π§Ό If you control the code, **filter/escape** β¦