genieacs-mcp
by GeiserX
Overview
Acts as a bridge to expose GenieACS instances as an MCP v1 (JSON-RPC for LLMs) server, enabling read-only data consumption and actions on connected CPEs.
Installation
go run ./cmd/serverEnvironment Variables
- ACS_URL
- ACS_USER
- ACS_PASS
Security Notes
The server has a potential JSON query injection vulnerability in the `client/acs.go` methods (`GetDevice`, `GetFileByName`, `GetTasksForDevice`). User-provided input (e.g., `id`, `fname`) is directly inserted into JSON query strings using `fmt.Sprintf` without proper escaping. If a malicious input contains JSON special characters (e.g., `"`), it could manipulate the underlying GenieACS API query, potentially leading to unintended data access or actions. Additionally, the server uses default `admin:admin` credentials for GenieACS if environment variables are not set, posing a significant security risk if deployed without configuration changes.
Similar Servers
mcp-context-forge
Converts web content (HTML, PDF, DOCX, etc.) and local files from a URL into high-quality Markdown format. It supports multiple conversion engines, content optimization, batch processing, and image handling.
MCP-connect
A lightweight bridge service that exposes local MCP servers as HTTP APIs, enabling cloud AI tools and agents to interact with various local MCP services via Streamable HTTP or a classic request/response bridge.
jentic-sdks
The Jentic MCP Plugin enables AI-agent builders to discover, load, and execute external APIs and workflows via the Model Configuration Protocol (MCP), generating LLM-compatible tool definitions.
git-netai
Provides a unified, asynchronous Model Context Protocol (MCP) server for managing multi-platform network infrastructure (routers, firewalls, WiFi, monitoring, data centers) via a single AI-accessible API.