Kicad Mcp
Monthly
Path validation bypass in kicad-mcp up to 3.3.1 enables local low-privileged users to read files outside intended directory scope by manipulating the `project_path` or `schematic_path` arguments processed by `kicad_mcp/utils/path_validator.py`. The protection mechanism in this MCP (Model Context Protocol) server for KiCad PCB design software fails to adequately sanitize or normalize supplied paths, resulting in limited confidentiality impact with no integrity or availability consequences. No public patch is available as of this analysis; a proof-of-concept exploit exists publicly via GitHub issue #57, though the project maintainer has not yet responded to the disclosure.
Path validation bypass in kicad-mcp up to 3.3.1 enables local low-privileged users to read files outside intended directory scope by manipulating the `project_path` or `schematic_path` arguments processed by `kicad_mcp/utils/path_validator.py`. The protection mechanism in this MCP (Model Context Protocol) server for KiCad PCB design software fails to adequately sanitize or normalize supplied paths, resulting in limited confidentiality impact with no integrity or availability consequences. No public patch is available as of this analysis; a proof-of-concept exploit exists publicly via GitHub issue #57, though the project maintainer has not yet responded to the disclosure.