mcp-community-repos/nocodb_mcp_server
criticalNo description
MCP server (purpose undetermined)
41const NOCODB_AUTH_TOKEN = "g1yv0i7rv5FABWVdrI3OqExdE_P_DatwCdMrFcr3";// Exploitable if source code is exposed or MCP server is network-exposed.
The NocoDB authentication token is hardcoded directly in the source code. This token is used to authenticate all API requests to the NocoDB instance.
ImpactAnyone with access to the source code (e.g., via repository access, decompilation, or MCP server exposure) can use this token to authenticate to the NocoDB API and perform any operations that the token allows, including reading, modifying, or deleting data.
FixRemove the hardcoded token and use environment variables or a secure secrets manager. Load the token from process.env.NOCODB_AUTH_TOKEN at runtime.
40const NOCODB_URL = "https://nocodb.plataforma.app";
41const NOCODB_AUTH_TOKEN = "g1yv0i7rv5FABWVdrI3OqExdE_P_DatwCdMrFcr3";
42const NOCODB_BASE_ID = "p2pa4z8hpe5rqn0";// Exploitable if source code is exposed or MCP server is network-exposed.
The NocoDB server URL and base ID are hardcoded in the source code, revealing internal infrastructure details.
ImpactAn attacker can identify the target NocoDB instance and combine with the hardcoded token to gain unauthorized access.
FixMove all configuration to environment variables. Use process.env.NOCODB_URL, process.env.NOCODB_BASE_ID, etc.
125this.axiosInstance = axios.create({
126 baseURL: NOCODB_URL,
127 headers: {
128 'xc-token': NOCODB_AUTH_TOKEN,
129 'Content-Type': 'application/json',
130 'Accept': 'application/json'
131 }
132});// Exploitable if MCP server is network-exposed or if an attacker can send arbitrary tool calls.
The MCP server uses a hardcoded authentication token that likely has broad permissions on the NocoDB instance. The exposed tools allow full CRUD operations on any project and table accessible by that token, without any additional authorization checks.
ImpactAn attacker who can send prompts to the MCP server (e.g., via a compromised LLM or network exposure) can list, create, modify, or delete any data in the NocoDB instance that the token has access to. This could lead to data exfiltration, data loss, or unauthorized modifications.
FixUse a token with minimal required permissions. Implement additional authorization checks within the MCP server to restrict operations based on the requesting user or context. Consider using per-user tokens or scoped access.
576private async listTables(args: any) {
577 console.error("Listing tables with arguments:", args);
578 const { projectId } = args;
579 try {
580 console.error(`Listing tables for project ID: ${projectId}`);
581 console.error(`url: ${NOCODB_URL}/api/v1/db/meta/projects/${projectId}/tables`);
582 const response = await this.axiosInstance.get(`/api/v1/db/meta/projects/${projectId}/tables`);
583 ...
584 } catch (error: any) {
585 throw new Error(`Failed to list tables: ${error.message}`);
586 }
587}// Exploitable if NocoDB API does not properly enforce access controls; risk is mitigated by the hardcoded token's scope.
The tool handlers accept projectId, tableName, and recordId parameters directly from user input without any validation or sanitization. These values are used directly in API endpoint paths, which could allow path traversal or injection into the NocoDB API if the API is vulnerable. However, since the values are used in URL path segments, the primary risk is that an attacker can specify arbitrary identifiers to access resources outside the intended scope.
ImpactAn attacker could potentially access tables or records in other projects by manipulating the projectId or tableName parameters, if the NocoDB API does not properly enforce access controls. This could lead to unauthorized data access.
FixValidate that projectId, tableName, and recordId match expected patterns (e.g., alphanumeric, specific length). Consider using a whitelist of allowed project IDs or table names.