
Dipankershah/dataforseo-mcp-server

high

No description

purpose: MCP server (purpose undetermined)
threat: network exposed
TypeScript | 1 | May 20, 2026 | May 20, 2026 | GITHUB
5/20/2026
critical: 1 finding
src/index.ts:19

    const credentials = {
      username: process.env.DATAFORSEO_USERNAME || "vecif47502@cxnlab.com",
      password: process.env.DATAFORSEO_PASSWORD || "a8eb463220faf069"
    };

Exploitable if the source code is exposed (e.g., via the repository, a compromised LLM with file access, or network exposure). The repository is public on GitHub, so that condition is already met. For a network-exposed MCP server the severity is critical.

When DATAFORSEO_USERNAME or DATAFORSEO_PASSWORD is unset, the code falls back to hardcoded credentials for the DataForSEO API, so a real username and password sit in plaintext in the source and in git history. The fallback also means a misconfigured deployment silently authenticates as the baked-in account instead of failing at startup.

Impact: An attacker who obtains the source (repository access, a compromised LLM, or network exposure) can authenticate to the DataForSEO API as that account, incurring charges billed to it, reading its SEO data, or performing any other action the account's plan allows.

Fix: Remove the hardcoded defaults and require both environment variables, failing at startup with a clear error that names the missing variable. Treat the leaked credentials as compromised and rotate them at DataForSEO; deleting the lines does not remove them from git history. Prefer a secrets manager or secure configuration injection over plain environment variables where the deployment allows it.
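As an added example (not code from the repository), the fail-closed loader the fix describes, in the project's language. It keeps the vulnerable `||` shape beside the hardened one for comparison, treats whitespace-only values as unset, and provides a redacted form for startup logs. Only the two environment variable names come from the finding; the fallback placeholder values, the error class, the Basic-auth helper and the sample credentials in the usage are assumptions.

```typescript
// Added example, not the repository's code: a fail-closed replacement for the
// `process.env.X || "default"` pattern in src/index.ts. Names other than the
// two environment variables from the finding are assumptions.
import { Buffer } from "node:buffer";

export interface DataForSeoCredentials {
  username: string;
  password: string;
}

export class MissingCredentialError extends Error {
  constructor(public readonly variable: string) {
    super(`${variable} is not set; refusing to start rather than fall back to a default account`);
    this.name = "MissingCredentialError";
  }
}

type Env = Record<string, string | undefined>;

// Whitespace-only values count as unset: a stray "" in a .env file must not pass.
function requireEnv(env: Env, name: string): string {
  const value = env[name]?.trim();
  if (!value) throw new MissingCredentialError(name);
  return value;
}

// The shape from the finding, with placeholder defaults (not the leaked values):
// an unset variable silently selects the baked-in account.
export function loadWithFallback(env: Env): DataForSeoCredentials {
  return {
    username: env.DATAFORSEO_USERNAME || "default-user@example.invalid",
    password: env.DATAFORSEO_PASSWORD || "default-password",
  };
}

// Hardened loader: no defaults; the error names the missing variable and nothing else.
export function loadDataForSeoCredentials(env: Env): DataForSeoCredentials {
  return {
    username: requireEnv(env, "DATAFORSEO_USERNAME"),
    password: requireEnv(env, "DATAFORSEO_PASSWORD"),
  };
}

// DataForSEO authenticates with HTTP Basic; build the header once and keep it out of logs.
export function basicAuthHeader(c: DataForSeoCredentials): string {
  return "Basic " + Buffer.from(`${c.username}:${c.password}`, "utf8").toString("base64");
}

// What startup logging may print: proof that credentials loaded, not the credentials.
export function redactForLog(c: DataForSeoCredentials): string {
  const at = c.username.indexOf("@");
  const user = at > 1 ? `${c.username[0]}***${c.username.slice(at)}` : "***";
  return `${user} / password(${c.password.length} chars)`;
}
```

Wire `loadDataForSeoCredentials(process.env)` in at the top of `main` so the process exits before the MCP transport starts; an MCP client then sees a clean startup failure instead of a server that quietly bills someone else's account.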

high: 1 finding
src/api/integrations.ts:23

    export async function setupApiIntegrations(server: McpServer, config: IntegrationConfig) {
      const tools = [
        registerSerpTools,
        registerKeywordsTools,
        registerLabsTools,
        registerBacklinksTools,
        registerOnPageTools,
        registerDomainAnalyticsTools,
        registerContentAnalysisTools,
        registerContentGenerationTools,
        registerMerchantTools,
        registerAppDataTools,
        registerBusinessDataTools
      ];
      for (const registerTool of tools) {
        await registerTool(server, config.apiClient);
      }
      if (config.localFalcon?.apiKey) {
        await registerLocalFalconTools(server, {
          apiKey: config.localFalcon.apiKey,
          baseUrl: config.localFalcon.baseUrl
        });
      }
    }

Exploitable if the MCP server is exposed to untrusted prompts (network exposed) or, in a local-only deployment, if the LLM driving it is compromised.

setupApiIntegrations registers eleven tool groups (SERP, keywords, labs, backlinks, on-page, domain analytics, content analysis, content generation, merchant, app data, business data) unconditionally, and every group shares the same config.apiClient, so one set of credentials backs every tool. The snippet shows no input validation or scope restriction at this layer; whether the individual register*Tools functions validate their parameters is not visible here, but if they pass user-controlled parameters straight to the external API, a crafted prompt could reach unintended endpoints, inflate usage, exfiltrate data, or inject into API parameters.

Impact: An attacker could drive the tools to make unauthorized API calls, incurring costs, reading whatever data the shared account can reach, or exploiting weaknesses in the upstream API (e.g., SSRF, injection). The surface exceeds what a focused SEO analytics integration needs; every tool group enabled by default is an additional path to the paid account.

Fix: Validate and allowlist every tool's parameters (the MCP SDK's tool registration takes a zod input schema, so constrain types, lengths and ranges there), register only the tool groups the deployment needs behind explicit configuration flags, and add per-tool rate limiting or a per-session call budget so a runaway prompt cannot drain the account. Consider per-tool authentication checks where the server is reachable by more than one principal.

tags: network.http, shell.exec, env.exposure

65 (LLM-based scoring)
  high findings: +25
  critical findings: +40