Exposed MCP JSON-RPC 2.0 API Scanner

The Exposed MCP JSON-RPC 2.0 API is utilized in various AI tools, LLM systems, and automation infrastructures to manage and control these systems. It offers functionalities that allow administrators to interact with underlying protocols and APIs for different operational tasks. Developed by specialized tech teams, it allows an efficient and centralized control to ensure smooth operations and management of resources. However, because it grants administrative access, it has to be secured against unauthorized use. This scanner is used primarily by IT departments to detect any exposed endpoints that could lead to vulnerabilities.

Exposing the MCP JSON-RPC 2.0 API allows potential unauthorized access to administrative functions. This could lead to unintended information disclosure or system compromise if these exposed endpoints are not secured. The vulnerability stems from insufficient restriction on accessing these endpoints, which can lead to critical risks if exploited. The scanner identifies these endpoints, giving organizations a chance to secure them before threats materialize. Monitoring and addressing these vulnerabilities is crucial for maintaining the integrity of digital assets.

The vulnerability in question can be technically detailed by its exposure through JSON-RPC 2.0 API endpoints. Specific vulnerable endpoints include rpc.discover, rpc.describe, tools/list, and others mentioned in the scanner. These endpoints might not be adequately protected, allowing unauthorized commands to be executed through the exposed API. The pattern matching techniques test the responses for unique identifiers such as available tools or server status information. By identifying these patterns, it verifies whether the exposure potentially exists.

If exploited, this vulnerability can lead to several potential risks, including unauthorized manipulation of systems or theft and misuse of sensitive data. Malicious actors could exploit these exposed endpoints to gain administrative control over the systems. This would give them a gateway to deploy additional attacks, such as launching denial-of-service (DoS) attacks or installing malware. Furthermore, attackers might disrupt regular operations or steal proprietary data, leading to financial or reputational damage to the organization.

REFERENCES

• https://lab.wallarm.com/wallarm-research-nuclei-template-counter-threats-targeting-llm-apps/