Attack Chain

1. The attacker identifies a vulnerable instance of elinsky execution-system-mcp 0.1.0 running remotely.
2. The attacker crafts a malicious HTTP request targeting the add_action tool.
3. Within the HTTP request, the attacker injects a path traversal sequence (e.g., ../) into the context argument of the _get_context_file_path function.
4. The _get_context_file_path function processes the tainted input without proper sanitization, allowing the path traversal sequence to resolve to a file outside of the intended directory.
5. The server attempts to read the file specified by the attacker-controlled path.
6. Sensitive information from the targeted file is read by the server.
7. The server returns the content of the file, or an error message indicating the file content, to the attacker.
8. The attacker obtains sensitive information, potentially leading to further exploitation, such as privilege escalation or data exfiltration.

Impact

Successful exploitation of this vulnerability allows an attacker to read arbitrary files on the server. This could lead to the disclosure of sensitive information, such as configuration files, source code, or user data. The CVSS v3.1 score of 7.3 indicates a high severity, highlighting the potential for significant impact. The lack of specifics regarding victim count and sectors targeted in the source information makes it difficult to quantify the precise scale of potential damage.

Recommendation

• Apply any available patches or updates for elinsky execution-system-mcp to address CVE-2026-7319.
• Implement input validation and sanitization measures to prevent path traversal attacks within the _get_context_file_path function.
• Deploy the Sigma rule provided to detect exploitation attempts by monitoring for suspicious path traversal sequences in HTTP requests to the add_action tool.
• Monitor web server logs for requests containing path traversal sequences such as “../” and ensure proper logging of access attempts.