Scaffold Mcp
Monthly
Path traversal in AgiFlow scaffold-mcp's write-to-file tool allows remote unauthenticated attackers to read, write, or delete arbitrary files on the server by manipulating the file_path parameter. Versions up to 1.0.27 are affected. Public exploit code exists (GitHub issue #88), enabling attackers to bypass directory restrictions and access sensitive files or overwrite critical system files. CVSS 7.3 (High) with network attack vector and no authentication required. Vendor-released patch available in version 1.1.0 (commit c4d23592).
Path traversal in AgiFlow scaffold-mcp's write-to-file tool allows remote unauthenticated attackers to read, write, or delete arbitrary files on the server by manipulating the file_path parameter. Versions up to 1.0.27 are affected. Public exploit code exists (GitHub issue #88), enabling attackers to bypass directory restrictions and access sensitive files or overwrite critical system files. CVSS 7.3 (High) with network attack vector and no authentication required. Vendor-released patch available in version 1.1.0 (commit c4d23592).