Advisories for Golang/Github.com/Safedep/Vet package

2025

vet MCP Server SSE Transport DNS Rebinding Vulnerability

SafeDep vet is vulnerable to a DNS rebinding attack due to a lack of HTTP Host and Origin header validation. To exploit this vulnerability, the following conditions must be met:

1. A vet scan is executed and reports are saved as a sqlite3 database.
2. A vet MCP server is running on the default port with SSE transport and has access to the report database.
3. The attacker lures the victim to an attacker-controlled website.
4. Attacker leverages …