Description
A vulnerability was found in TencentCloudBase CloudBase-MCP up to 2.17.0. Affected is the function openUrl of the file mcp/src/interactive-server.ts of the component open-url API Endpoint. The manipulation of the argument req.body.url results in server-side request forgery. It is possible to launch the attack remotely. The exploit has been made public and could be used. Upgrading to version 2.17.1 is able to address this issue. The patch is identified as 3f678a1e7bd400cd76469d61024097d4920dc6b5. It is recommended to upgrade the affected component.
Published: 2026-04-28
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Server‑Side Request Forgery
Action: Patch
AI Analysis

Impact

A cloud function named openUrl in the CloudBase‑MCP service accepts a user‑supplied URL in the request body and directly issues an HTTP request to that address. This flaw allows any remote actor to instruct the server to connect to arbitrary internal or external resources, enabling data exfiltration, internal network enumeration, or denial of service against other services. The weakness is classified as CWE‑918 and can be leveraged to bypass normal network restrictions imposed on the cloud environment.

Affected Systems

TencentCloudBase is the vendor of the CloudBase‑MCP product. Versions of the component up to and including 2.17.0 are vulnerable. The published fix ships in release 2.17.1, which replaces the openUrl routine with protected input handling.

Risk and Exploitability

The CVSS score of 6.9 places this issue in the moderate severity range. The EPSS score is not reported, and the vulnerability is not currently listed in the CISA KEV catalog, but the exploit code is publicly available, indicating potential for real‑world attacks. Remote exploitation is possible through the public API endpoint, making threat assessment critical for any exposed CloudBase‑MCP instances.

Generated by OpenCVE AI on April 28, 2026 at 19:31 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade CloudBase‑MCP to version 2.17.1 to remove the vulnerable openUrl implementation.
  • If an immediate upgrade is not feasible, block external access to the open-url API endpoint by configuring API gateway rules, firewall policies, or service‑mesh restrictions to allow only internal traffic.
  • Implement a URL whitelist or request filtering in custom code (if available) so that the openUrl function accepts only approved domains, thereby limiting outbound requests even before applying the official patch.
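One way to implement the allowlist check from the last recommendation, as an added illustration and not CloudBase-MCP's own code: a TypeScript validator (hypothetical names checkOpenUrl and ALLOWED_HOSTS, constructed allowlist) that the open-url handler would run on req.body.url before issuing any outbound request. It assumes approved targets are reachable over https only, and goes beyond a plain domain allowlist by also rejecting literal IP hosts, embedded credentials and explicit ports.

```typescript
// Added example, not CloudBase-MCP code: validate a user-supplied URL before the
// open-url handler fetches it. Hypothetical names: checkOpenUrl, ALLOWED_HOSTS.

// Constructed allowlist of hosts the server is permitted to reach.
const ALLOWED_HOSTS: ReadonlySet<string> = new Set(["docs.example.com", "cloud.example.com"]);

interface UrlCheck {
  ok: boolean;
  reason: string;
  url?: string; // normalised URL to fetch when ok is true
}

// Parse with the WHATWG URL parser (the same one fetch() uses, so what is
// checked is what is requested), then apply structural checks plus the allowlist.
function checkOpenUrl(raw: unknown, allowed: ReadonlySet<string> = ALLOWED_HOSTS): UrlCheck {
  if (typeof raw !== "string" || raw.length === 0 || raw.length > 2048) {
    return { ok: false, reason: "url must be a non-empty string of reasonable length" };
  }
  let u: URL;
  try {
    u = new URL(raw);
  } catch {
    return { ok: false, reason: "malformed url" };
  }
  // Only https: rules out file:, gopher:, plaintext http: to internal services, etc.
  if (u.protocol !== "https:") {
    return { ok: false, reason: `scheme ${u.protocol} not allowed` };
  }
  if (u.username !== "" || u.password !== "") {
    return { ok: false, reason: "credentials in url not allowed" };
  }
  // A non-default port suggests a target other than the public service on the host.
  if (u.port !== "") {
    return { ok: false, reason: "explicit port not allowed" };
  }
  const host = u.hostname; // lowercased and canonicalised by the parser
  // The parser rewrites numeric forms such as 2130706433 or 0x7f000001 to
  // dotted-quad 127.0.0.1, so a simple pattern catches IPv4 literals; IPv6
  // literals keep their brackets in hostname.
  if (host === "localhost" || host.startsWith("[") || /^\d+(\.\d+){3}$/.test(host)) {
    return { ok: false, reason: "literal IP or localhost not allowed" };
  }
  if (!allowed.has(host)) {
    return { ok: false, reason: `host ${host} not in allowlist` };
  }
  return { ok: true, reason: "ok", url: u.href };
}
```

The handler should pass result.url, not the raw req.body.url, to the outbound request. Hostname allowlisting still trusts DNS for the approved names, so the list should contain only domains the operator controls.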


Advisories

No advisories yet.

History

Tue, 28 Apr 2026 09:45:00 +0000

Type                 Values Removed   Values Added
First Time appeared  (none)           Tencentcloudbase; Tencentcloudbase cloudbase-mcp
Vendors & Products   (none)           Tencentcloudbase; Tencentcloudbase cloudbase-mcp

Tue, 28 Apr 2026 04:15:00 +0000

Type          Values Removed   Values Added
Description   (none)           (added; identical to the Description at the top of this page)
Title         (none)           TencentCloudBase CloudBase-MCP open-url API Endpoint interactive-server.ts openUrl server-side request forgery
Weaknesses    (none)           CWE-918
References    (none)
Metrics       (none)           cvssV2_0: score 7.5, vector AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C
                               cvssV3_0: score 7.3, vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
                               cvssV3_1: score 7.3, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
                               cvssV4_0: score 6.9, vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-28T14:34:11.887Z

Reserved: 2026-04-27T15:35:08.733Z

Link: CVE-2026-7221

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2026-04-28T04:16:26.880

Modified: 2026-04-29T01:00:01.613

Link: CVE-2026-7221

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T19:45:07Z

Weaknesses