housekeeper-bee-mcp-server

CRITICAL VULNERABILITIES IDENTIFIED: 1. **Disabled TLS Certificate Verification**: The line `process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';` explicitly disables SSL/TLS certificate validation for all outbound HTTPS requests. This makes the application highly vulnerable to Man-in-the-Middle (MITM) attacks, allowing an attacker to intercept and tamper with communication to the Housekeeper Bee server without detection. 2. **Unverified JWTs**: The `decodeToken` function uses `jwt.decode(token)` without any signature verification. This means that an attacker could forge a JWT (e.g., modify user ID, set an arbitrary expiration date) and the application would consider it valid, completely bypassing authentication and authorization mechanisms for sensitive operations like deletion, renaming, and schedule changes. 3. **Path Traversal and Potential Remote Code Execution (RCE)**: Several file operations (`writeToTextFile`, `exportToJsonFile`, `exportToHtmlFile`) use a user-controlled `filename` or a constructed `filePath` based on `exportFilePath` (from environment variables). If an attacker can inject path traversal sequences (e.g., `../../`) into the `filename` via an LLM prompt, they could write files to arbitrary locations on the server. The `exportToHtmlFile` then uses `open(`${filePath}`)` to open the generated HTML file. If a malicious script is written via path traversal, `open` could execute it, leading to Remote Code Execution (RCE) on the host running the MCP server. 4. **SSRF Risk**: The `serverUrl` and `adminUrl` are read from environment variables and used for internal API calls. While typically configured securely, if these environment variables are compromised, an attacker could potentially direct the server to make requests to internal network resources, leading to Server-Side Request Forgery (SSRF).