CVE Reports

Posted on • Originally published at cvereports.com

GHSA-7HGR-7H44-33W2: Unauthenticated Browser Control via Confused Deputy in camofox-mcp

Vulnerability ID: GHSA-7HGR-7H44-33W2
CVSS Score: High
Published: 2026-05-19

The camofox-mcp package prior to version 1.13.2 contains a critical access control vulnerability on its Model Context Protocol (MCP) HTTP transport layer. The server fails to authenticate inbound requests while simultaneously appending an administrative API key to outbound backend requests. This Confused Deputy flaw allows unauthenticated clients to exercise full administrative control over the backend headless browser environment.

TL;DR

An unauthenticated access vulnerability (CWE-306) in the camofox-mcp /mcp endpoint enables attackers to hijack the server's internal credentials. This grants unauthorized access to browser control tools. Administrators must upgrade to version 1.13.2 and define the CAMOFOX_HTTP_API_KEY environment variable.


⚠️ Exploit Status: POC

Technical Details

  • CWE ID: CWE-306 / CWE-441
  • Attack Vector: Network
  • Authentication: None Required
  • CVSS 4.0 Score: High
  • Exploit Status: Proof of Concept Available
  • Impact: Unauthenticated Administrative Browser Control

Affected Systems

  • camofox-mcp (npm package)
  • Model Context Protocol (MCP) Server Deployments
  • Dockerized Browser Automation Environments
  • camofox-mcp: < 1.13.2 (Fixed in: 1.13.2)

Code Analysis

Commit: 599f56e

Security hardening: Implement mandatory inbound authentication, secure binding policy, and host-header validation.

Exploit Details

  • Maintainer Proof of Concept: A reproduction harness utilizing a mock camofox-browser backend demonstrating unauthenticated administrative control and key forwarding.

Mitigation Strategies

  • Software Upgrade
  • Authentication Configuration
  • Network Segmentation
  • Host-Header Validation

Remediation Steps:

  1. Update camofox-mcp to version 1.13.2 via npm install camofox-mcp@latest.
  2. Generate a cryptographically secure random string to serve as the authentication secret.
  3. Set the CAMOFOX_HTTP_API_KEY environment variable using the generated secret.
  4. Verify that the CAMOFOX_HTTP_HOST variable is set to 127.0.0.1 unless external access is strictly required.
  5. If deployed behind a proxy, configure CAMOFOX_HTTP_ALLOWED_HOSTS to explicitly define the allowed domain names.

Read the full report for GHSA-7HGR-7H44-33W2 on our website for more details including interactive diagrams and full exploit analysis.
