# Vulnerability Summary: dh1011 auto-favicon 1.0.1 Server-Side Request Forgery

## Vulnerability Overview

- **Vulnerability ID**: #802054
- **Vulnerability Type**: Server-Side Request Forgery (SSRF)
- **Description**: The `generate_favicon_from_url` MCP tool within the `auto-favicon-mcp` tool accepts an arbitrary `image_url`, creates a new `aiohttp.ClientSession()`, and executes `session.get(image_url)` without any validation or restriction on the target. Attackers can construct malicious URLs pointing to internal network addresses (such as `localhost`, `127.0.0.1`, `169.254.169.254`, etc.) to read internal resources or launch SSRF attacks.

## Impact Scope

- **Affected Component**: `auto-favicon-mcp` tool
- **Affected Version**: `dh1011 auto-favicon` version `1.0.1`
- **Impact Description**: Attackers can achieve SSRF by constructing malicious `image_url` parameters, allowing them to read internal network resources or probe internal services.

## Remediation

- **Recommendation**: Perform strict URL validation on the `image_url` parameter, restricting access to legitimate public network addresses only, and blocking access to internal network addresses (such as `localhost`, `127.0.0.1`, `169.254.169.254`, etc.).
- **Reference Link**: [GitHub Issue #2](https://github.com/dh1011/auto-favicon-mcp/issues/2)

## POC Code

```python
# Specific POC code was not provided, but based on the description, attackers can achieve SSRF by constructing malicious image_url parameters.
# Example malicious image_url:
# http://localhost:8080/admin
# http://127.0.0.1:8080/admin
# http://169.254.169.254/latest/meta-data/
```
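The remediation above asks for URL validation that allows only public addresses before the fetch. The following is an added example of such a check, written for this summary and not code from the `auto-favicon-mcp` project. It resolves the hostname first and judges every returned address (an IP literal, a `localhost` name, an IPv4-mapped IPv6 address and a name with one private record are all rejected), and it refuses automatic redirects so that a public host cannot bounce the client to an internal address after the check has passed. The `fake_resolve` table, the `FAKE_DNS` entries and the `fetch_validated` helper are constructed for the example; `validate_image_url` is the assumed name of the guard the tool would call before `session.get(image_url)`.

```python
"""Allow-list validation of image_url before an SSRF-prone fetch (added example)."""
import ipaddress
import socket
from urllib.parse import urlparse

# Only fetch over HTTP(S); file://, gopher://, ftp:// and friends are rejected outright.
ALLOWED_SCHEMES = {"http", "https"}


def resolve_host(host):
    """Default resolver: every A/AAAA record for host (assumes DNS is reachable)."""
    infos = socket.getaddrinfo(host, None)
    return sorted({info[4][0] for info in infos})


def is_public_ip(ip_str):
    """True only for a globally routable unicast address."""
    ip = ipaddress.ip_address(ip_str)
    # ::ffff:127.0.0.1 is still loopback: judge the embedded IPv4 address.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return not (
        ip.is_private          # 10/8, 172.16/12, 192.168/16, fc00::/7, ...
        or ip.is_loopback      # 127/8, ::1
        or ip.is_link_local    # 169.254/16 (cloud metadata endpoint), fe80::/10
        or ip.is_multicast
        or ip.is_reserved
        or ip.is_unspecified   # 0.0.0.0, ::
    )


def validate_image_url(url, resolve=resolve_host):
    """Return the addresses the URL may connect to, or raise ValueError.

    Every resolved record is checked, so a name that answers with one public
    and one private address is rejected instead of depending on record order.
    """
    parsed = urlparse(url)
    if parsed.scheme.lower() not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parsed.scheme!r}")
    host = parsed.hostname
    if not host:
        raise ValueError("URL has no host")
    if parsed.username or parsed.password:
        raise ValueError("credentials in URL are not allowed")
    try:
        ips = [str(ipaddress.ip_address(host))]   # literal address, no lookup needed
    except ValueError:
        ips = list(resolve(host))                 # hostname: check what it really resolves to
    if not ips:
        raise ValueError(f"host does not resolve: {host!r}")
    for ip in ips:
        if not is_public_ip(ip):
            raise ValueError(f"host {host!r} resolves to non-public address {ip}")
    return ips


def is_safe_image_url(url, resolve=resolve_host):
    """Boolean wrapper around validate_image_url."""
    try:
        validate_image_url(url, resolve=resolve)
        return True
    except ValueError:
        return False


# Constructed lookup table standing in for DNS so the example runs offline.
FAKE_DNS = {
    "localhost": ["127.0.0.1"],
    "cdn.example.com": ["93.184.216.34"],
    "rebind.example": ["93.184.216.34", "10.0.0.5"],
}


def fake_resolve(host):
    """Resolver stub backed by FAKE_DNS; unknown names return no records."""
    return FAKE_DNS.get(host, [])


async def fetch_validated(url, session):
    """Fetch url through an aiohttp ClientSession only after validation (hypothetical helper).

    allow_redirects=False keeps aiohttp from following a redirect on its own;
    any Location target must go through validate_image_url before being fetched.
    """
    validate_image_url(url)
    async with session.get(url, allow_redirects=False) as resp:
        if resp.status in (301, 302, 303, 307, 308):
            raise ValueError("redirect refused; validate the Location header before following it")
        return await resp.read()
```

Checking the resolved addresses rather than the hostname string is what makes the check hold up against spellings such as `0x7f000001` or decimal forms of `127.0.0.1`: the system resolver turns them into the same loopback address, and that is what gets rejected. A production deployment would also pin the connection to the validated address (or re-resolve inside the same check) to close the window between lookup and connect.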