Listen to this Post
The CVE-2024-XXXX vulnerability exists in the ExecuteAutomation MCP Server’s `read_query` tool. The tool attempts to enforce a read-only mode by checking if a user-supplied SQL query string begins with “SELECT”. This control is critically flawed. Attackers can bypass it by crafting a malicious query that starts with “SELECT” but contains additional, semicolon-terminated queries for multi-statement execution. Furthermore, even single SELECT queries can invoke dangerous database functions. For example, in PostgreSQL, a query like `SELECT pg_terminate_backend(123)` can terminate other database sessions, causing a denial of service. The underlying database driver supports these multi-queries and function calls, allowing the attacker to bypass the intended security policy and execute unauthorized commands on the connected database server.
Platform: Node.js/npm
Version: @executeautomation/database-server
Vulnerability: SQL Injection
Severity: Critical
date: 2024-05-15
Prediction: Patch 2024-06-15
What Undercode Say:
npm install @executeautomation/database-server git clone https://github.com/executeautomation/mcp-database-server grep -n "startsWith" index.ts
// index.ts vulnerable code
if (!query.trim().toLowerCase().startsWith("select")) {
throw new Error("Only SELECT queries are allowed");
}
const result = await dbAll(query);
How Exploit:
SELECT FROM users; DROP TABLE users; SELECT pg_sleep(10); SELECT pg_terminate_backend(12345);
Protection from this CVE:
Implement parameterized queries.
Use strict database user permissions.
Disallow multi-statement queries.
Whitelist allowed query patterns.
Impact:
Denial of Service
Data Confidentiality Loss
Unauthorized Data Access
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode

