📧 info@ciso.sa | 📱 +966550939344 | Riyadh, Kingdom of Saudi Arabia
Vulnerabilities

CVE-2026-7272

High
CWE-22 — Weakness Type
Published: Apr 28, 2026  ·  Modified: May 5, 2026  ·  Source: NVD
CVSS v3
7.3
🔗 NVD Official
📄 Description (English)

A flaw has been found in WilliamCloudQi matlab-mcp-server up to commit ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca. The affected element is the function generate_matlab_code/execute_matlab_code of the file src/index.ts of the component MCP Interface. Manipulation of the argument scriptPath leads to path traversal. The attack can be executed remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.

🤖 AI Executive Summary

A path traversal vulnerability (CVE-2026-7272, CWE-22) in WilliamCloudQi matlab-mcp-server lets a remote, unauthenticated attacker manipulate the scriptPath argument of the generate_matlab_code/execute_matlab_code functions in src/index.ts (the MCP Interface) to reach files outside the intended script directory. The CVSS 3.1 base score is 7.3 (High): network-reachable, no privileges or user interaction required, with low confidentiality, integrity and availability impact. No patch is available, a public exploit exists, and the project has not responded to the issue report, so organizations running this component should treat the risk as immediate.

🤖 AI Intelligence Analysis Analyzed: May 5, 2026 17:18
🇸🇦 Saudi Arabia Impact Assessment
This vulnerability affects organizations that run WilliamCloudQi matlab-mcp-server, an MCP server that exposes MATLAB code generation and execution as tools for AI agents; using MATLAB on its own does not make an organization vulnerable. In Saudi Arabia the most likely deployments are in the technology and research sectors: government research institutions (KACST), universities, and technology companies using it for data analysis or scientific computing. Financial institutions using MATLAB for quantitative analysis and risk modeling, telecommunications companies (STC, Mobily) and energy sector organizations (ARAMCO) running engineering simulations are exposed only where this MCP server is deployed, and especially where it is reachable over the network. Path traversal through scriptPath could give an attacker access to files outside the intended script directory, including research data, financial models or proprietary algorithms stored on the affected host.
🏢 Affected Saudi Sectors
Government Research (KACST) Higher Education Financial Services Energy (ARAMCO) Telecommunications (STC, Mobily) Technology and IT Services Engineering and Manufacturing
⚖️ Saudi Risk Score (AI)
7.8
/ 10.0
🔧 Remediation Steps (English)
IMMEDIATE ACTIONS:
1. Identify all systems running WilliamCloudQi matlab-mcp-server (any build up to commit ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca is affected) and isolate them from production networks where possible
2. Disable the generate_matlab_code and execute_matlab_code tools, or stop the server, until a fix is available
3. Apply network segmentation so that only the intended MCP clients can reach the service
4. Review access logs for manipulation of the scriptPath argument

COMPENSATING CONTROLS:
1. Where the server is reached over an HTTP-based MCP transport, deploy Web Application Firewall (WAF) rules to block requests whose scriptPath contains path traversal patterns (../, ..\, %2e%2e, and the double-encoded %252e). A WAF cannot see a stdio-based MCP server; for those deployments the check has to live in the server process or in a wrapper around it.
2. Enforce strict validation of scriptPath inside the server: canonicalize the path (resolve . and .. segments and absolute paths), then require that the result lies under the designated MATLAB script directory and names a .m file. A character allowlist alone is not sufficient, and it breaks legitimate file names.
3. Run the service with minimal file system permissions (principle of least privilege): a dedicated account that can read only the script directory and write only its working directory.
4. Enable comprehensive logging and monitoring of all MCP Interface requests, including the raw scriptPath values.
5. Implement rate limiting on the generate_matlab_code and execute_matlab_code tools.
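
The containment check in control 2, as an added example written for this page in the project's language (TypeScript). It is not code from matlab-mcp-server: the root directory, the function names and the test inputs are assumptions made for illustration. The unsafe function shows the CWE-22 shape the advisory describes; the safe one canonicalizes and then verifies that the result is a proper descendant of the root.

```typescript
import * as path from "path";

// Added example, not code from the matlab-mcp-server project. The root
// directory and function names are assumptions made for illustration.
export const SCRIPT_ROOT = "/opt/matlab-mcp/scripts";

// The CWE-22 shape: a caller-controlled scriptPath is joined onto a fixed root
// and used directly. "../" segments normalize out of the root.
export function resolveScriptPathUnsafe(scriptPath: string): string {
  return path.join(SCRIPT_ROOT, scriptPath);
}

// Hardened version: canonicalize, then require that the result is a proper
// descendant of the root and names a .m file. Containment is checked with
// path.relative rather than a string prefix, so a sibling directory such as
// ".../scripts_evil" is not mistaken for a child of ".../scripts".
export function resolveScriptPathSafe(
  scriptPath: string,
  root: string = SCRIPT_ROOT,
): string | null {
  // Embedded NUL bytes can truncate the path in native code; reject outright.
  if (scriptPath.includes("\0")) return null;

  const resolvedRoot = path.resolve(root);
  // path.resolve discards resolvedRoot when scriptPath is absolute, which is
  // exactly why the containment check must follow it.
  const candidate = path.resolve(resolvedRoot, scriptPath);
  const rel = path.relative(resolvedRoot, candidate);

  const escapes =
    rel === "" ||                      // the root itself, not a file
    rel === ".." ||
    rel.startsWith(".." + path.sep) || // climbs above the root
    path.isAbsolute(rel);              // different drive on Windows
  if (escapes) return null;

  // Only MATLAB scripts are legitimate targets for execute_matlab_code.
  if (path.extname(candidate) !== ".m") return null;

  // On a live system also resolve symlinks (fs.realpathSync) and re-check,
  // since a link inside the root can point outside it.
  return candidate;
}

// Side-by-side comparison on constructed inputs: [input, unsafe, safe].
export function demo(): Array<[string, string, string | null]> {
  const inputs = [
    "analysis/run.m",
    "analysis/../run.m",
    "../../../etc/passwd",
    "/etc/passwd",
    "../scripts_evil/run.m",
    "run.m\0.txt",
    "notes.txt",
  ];
  return inputs.map((p) => [p, resolveScriptPathUnsafe(p), resolveScriptPathSafe(p)]);
}

for (const [input, unsafe, safe] of demo()) {
  console.log(JSON.stringify(input), "->", unsafe, "|", safe);
}
```

Percent-encoded input is not decoded here on purpose: MCP tool arguments arrive as plain JSON strings, so the server sees literal "../", and a value such as "%2e%2e/x.m" would simply be a directory name that fails the .m and containment rules. Decoding belongs in the detection layer, not in the path check.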

DETECTION RULES:
1. Monitor for scriptPath values containing ../, ..\, %2e%2e or %252e; percent-decode the value (more than once, to catch double encoding) before matching, and treat backslashes as path separators
2. Alert on any file access by the server process outside the designated MATLAB script and working directories
3. Track execution of unexpected system commands through the MCP interface
4. Monitor for unusual process spawning from the matlab-mcp-server process, anything other than the expected MATLAB launch
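
Detection rule 1 run over a few log lines, as an added example written for this page (not from the project or its documentation). The log format and every line are constructed; a real deployment would read whatever the MCP server or its reverse proxy actually writes. The point it shows is the decoding order: %252e only becomes a dot after a second decode, and Windows-style "..\" only matches after the separator is normalized.

```typescript
// Added example, not part of the original page or the project. The log format
// and every line below are constructed for illustration.
export const SAMPLE_LOG: string[] = [
  '2026-05-05T09:12:03Z tool=execute_matlab_code scriptPath="analysis/run.m"',
  '2026-05-05T09:12:09Z tool=execute_matlab_code scriptPath="../../../../etc/passwd"',
  '2026-05-05T09:12:15Z tool=generate_matlab_code scriptPath="%2e%2e%2f%2e%2e%2fetc%2fshadow"',
  '2026-05-05T09:12:21Z tool=execute_matlab_code scriptPath="%252e%252e%252fconfig.m"',
  '2026-05-05T09:12:27Z tool=execute_matlab_code scriptPath="..\\..\\windows\\win.ini"',
  '2026-05-05T09:12:33Z tool=execute_matlab_code scriptPath="reports/..data/run.m"',
  '2026-05-05T09:12:39Z tool=execute_matlab_code scriptPath="/tmp/payload.m"',
];

// Percent-decode repeatedly (bounded) so double encoding such as %252e is
// unwrapped to "." before matching; stop when nothing changes or the
// sequence is malformed.
export function decodeFully(value: string, maxRounds: number = 3): string {
  let current = value;
  for (let i = 0; i < maxRounds; i++) {
    let next: string;
    try {
      next = decodeURIComponent(current);
    } catch {
      break; // malformed sequence: keep what we have
    }
    if (next === current) break;
    current = next;
  }
  return current;
}

// Classify one scriptPath value. Backslashes are folded to "/" so "..\" is
// caught, and ".." must be a whole segment so "..data/" is not flagged.
export function traversalReasons(raw: string): string[] {
  const decoded = decodeFully(raw).replace(/\\/g, "/");
  const reasons: string[] = [];
  if (/(^|\/)\.\.(\/|$)/.test(decoded)) reasons.push("dot-dot segment");
  if (/^(\/|[A-Za-z]:\/)/.test(decoded)) reasons.push("absolute path");
  // Encoding is only interesting when it hid one of the findings above.
  if (reasons.length > 0 && raw.includes("%")) reasons.push("percent-encoded");
  return reasons;
}

export interface Finding {
  line: string;
  scriptPath: string;
  reasons: string[];
}

const SCRIPT_PATH_RE = /scriptPath="([^"]*)"/;

// Scan log lines; one finding per suspicious line, benign lines are dropped.
export function scanLog(lines: string[]): Finding[] {
  const findings: Finding[] = [];
  for (const line of lines) {
    const m = SCRIPT_PATH_RE.exec(line);
    if (!m) continue;
    const scriptPath = m[1] ?? "";
    const reasons = traversalReasons(scriptPath);
    if (reasons.length > 0) findings.push({ line, scriptPath, reasons });
  }
  return findings;
}

for (const f of scanLog(SAMPLE_LOG)) {
  console.log(f.reasons.join(", "), "<-", f.scriptPath);
}
```

Five of the seven constructed lines are flagged; "analysis/run.m" and "reports/..data/run.m" are not, which is the false positive a naive substring match on ".." would produce.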

PATCHING GUIDANCE:
1. Track the project's issue tracker for a fix; the maintainer had not responded to the issue report at the time of publication
2. Prepare for emergency patching once a fix is available; since the affected range is identified by commit hash, verify the deployed commit rather than a version number
3. Consider alternative solutions or temporary service discontinuation if the risk is unacceptable
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
Cybersecurity policies and procedures; identity and access management; asset management; change management; vulnerability management
🔵 SAMA CSF
Asset management (software inventory); identity and access management; change management; cybersecurity event management (monitoring and detection); cybersecurity incident management; vulnerability management
🟡 ISO/IEC 27001:2022 (Annex A)
A.5.1 - Policies for information security; A.5.2 - Information security roles and responsibilities; A.5.9 - Inventory of information and other associated assets; A.8.8 - Management of technical vulnerabilities; A.8.25 - Secure development life cycle; A.8.28 - Secure coding; A.8.32 - Change management
🟣 PCI DSS v4.0.1
Requirement 6.3 - Security vulnerabilities are identified and addressed (6.3.3: applicable security patches are installed); Requirement 11.3 - External and internal vulnerabilities are regularly identified, prioritized and addressed
📊 CVSS Score
7.3
/ 10.0 — High
📊 CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector (AV): N, Network
Attack Complexity (AC): L, Low
Privileges Required (PR): N, None
User Interaction (UI): N, None
Scope (S): U, Unchanged
Confidentiality (C): L, Low
Integrity (I): L, Low
Availability (A): L, Low
📋 Quick Facts
Severity: High
CVSS Score: 7.3
CWE: CWE-22
EPSS: 0.05%
Exploit: No (feed flag; the NVD description above states that an exploit has been published)
Patch: No
Published: 2026-04-28
Source Feed: nvd
🇸🇦 Saudi Risk Score
7.8
/ 10.0 — Saudi Risk
Priority: CRITICAL
🏷️ Tags
CWE-22