ExecuteAutomation MCP Server, SQL Injection, CVE-2024-XXXX (Critical)

Listen to this Post

The CVE-2024-XXXX vulnerability exists in the ExecuteAutomation MCP Server’s `read_query` tool. The tool attempts to enforce a read-only mode by checking if a user-supplied SQL query string begins with “SELECT”. This control is critically flawed. Attackers can bypass it by crafting a malicious query that starts with “SELECT” but contains additional, semicolon-terminated queries for multi-statement execution. Furthermore, even single SELECT queries can invoke dangerous database functions. For example, in PostgreSQL, a query like `SELECT pg_terminate_backend(123)` can terminate other database sessions, causing a denial of service. The underlying database driver supports these multi-queries and function calls, allowing the attacker to bypass the intended security policy and execute unauthorized commands on the connected database server.
Platform: Node.js/npm
Version: @executeautomation/database-server
Vulnerability: SQL Injection
Severity: Critical

date: 2024-05-15

Prediction: Patch 2024-06-15

What Undercode Say:

npm install @executeautomation/database-server
git clone https://github.com/executeautomation/mcp-database-server
grep -n "startsWith" index.ts
// index.ts vulnerable code
if (!query.trim().toLowerCase().startsWith("select")) {
throw new Error("Only SELECT queries are allowed");
}
const result = await dbAll(query);

How Exploit:

SELECT FROM users; DROP TABLE users;
SELECT pg_sleep(10);
SELECT pg_terminate_backend(12345);

Protection from this CVE:

Implement parameterized queries.

Use strict database user permissions.

Disallow multi-statement queries.

Whitelist allowed query patterns.

Impact:

Denial of Service

Data Confidentiality Loss

Unauthorized Data Access

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top