HackMD MCP Server, Server-Side Request Forgery (SSRF), CVE-2024-XXXX (Critical)

Listen to this Post

The CVE-2024-XXXX vulnerability in the HackMD MCP server’s HTTP mode stems from improper validation of user-supplied URL inputs. Attackers exploit this by injecting a malicious `hackmdApiUrl` value via the `Hackmd-Api-Url` HTTP header or a base64-encoded `config` query parameter in a request to the server’s `/initialize` endpoint. The server fails to sanitize this input, blindly using the supplied URL to make backend API requests. This allows an attacker to redirect the server’s internal HTTP requests to any arbitrary endpoint, including those on internal, private networks that are normally inaccessible from the outside, leading to server-side request forgery. The application’s trust in the client-supplied header/parameter without an allowlist check is the core technical failure.
Platform: HackMD MCP Server
Version: <1.5.0
Vulnerability: SSRF
Severity: Critical

date: 2024

Prediction: Patch: 2024-09-15

What Undercode Say:

`curl -H “Hackmd-Api-Url: http://internal-service/” http://target-server:3000/initialize`
`echo ‘{“hackmdApiUrl”: “http://localhost:22/”}’ | base64`
`export ALLOWED_HACKMD_API_URLS=”https://api.hackmd.io/v1″`

How Exploit:

Craft HTTP request with malicious header.

Encode target URL in base64 parameter.

Redirect server to internal endpoints.

Protection from this CVE

Update to version 1.5.0.

Set ALLOWED_HACKMD_API_URLS env var.

Use TRANSPORT=stdio mode.

Employ reverse proxy filtering.

Impact:

Internal network access.

Sensitive data exposure.

Network reconnaissance.

Bypass of access controls.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top