GHSA-g39v-cvjh-8fpf: Home Assistant MCP Server: YAML config backups written under www/ are served unauthenticated at /local/
When ENABLE_YAML_CONFIG_EDITING=true, every ha_config_set_yaml call backs up the pre-edit file to <config>/www/yaml_backups/, which Home Assistant serves at /local/ with no authentication. Anyone who can reach the HA web interface can download the most recent pre-edit configuration.yaml (or other YAML file) — typically containing plaintext MQTT passwords, REST credentials, webhook IDs, geofence coordinates, and shell_command definitions — with zero credentials.
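The exposure described above can be audited on the Home Assistant host itself. The following is an added example, not code from the advisory or the ha-mcp project: it lists every YAML file under `<config>/www/` together with the unauthenticated `/local/` URL Home Assistant would serve it at, and moves those files to a directory outside `www/` that is not served; the destination name `.yaml_backups` is an assumption chosen for this example.

```python
"""Audit a Home Assistant config dir for YAML backups left under www/.

Added example, not code from ha-mcp or Home Assistant. Assumes the
standard layout: <config>/www/ is served unauthenticated at /local/.
"""
from __future__ import annotations

import shutil
from pathlib import Path, PurePosixPath

YAML_SUFFIXES = {".yaml", ".yml"}


def find_exposed_backups(config_dir: str | Path) -> list[tuple[Path, str]]:
    """Return (file path, URL path) for every YAML file under <config>/www/.

    The URL path is where Home Assistant would serve the file without
    authentication, e.g. /local/yaml_backups/configuration.yaml.bak.
    """
    www = Path(config_dir) / "www"
    if not www.is_dir():
        return []
    hits = []
    for path in sorted(www.rglob("*")):
        # Match configuration.yaml as well as renamed copies such as
        # configuration.yaml.bak or secrets.yaml.20240101-120000.
        if path.is_file() and any(s in YAML_SUFFIXES for s in path.suffixes):
            rel = PurePosixPath(*path.relative_to(www).parts)
            hits.append((path, f"/local/{rel}"))
    return hits


def quarantine_backups(config_dir: str | Path,
                       dest_name: str = ".yaml_backups") -> list[Path]:
    """Move exposed backups to <config>/<dest_name>/, which HA does not serve.

    Returns the new locations. The destination name is an assumption for
    this example; any directory outside www/ works.
    """
    config_dir = Path(config_dir)
    dest = config_dir / dest_name
    moved = []
    for path, _url in find_exposed_backups(config_dir):
        target = dest / path.relative_to(config_dir / "www")
        target.parent.mkdir(parents=True, exist_ok=True)
        shutil.move(str(path), str(target))
        moved.append(target)
    return moved
```

Run `find_exposed_backups` first to see what is reachable; `quarantine_backups` only relocates files and does not rotate the credentials they may already have leaked.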
References
- github.com/advisories/GHSA-g39v-cvjh-8fpf
- github.com/homeassistant-ai/ha-mcp/commit/09c524526b5f945638aa97de6218fadcd233023c
- github.com/homeassistant-ai/ha-mcp/pull/1180
- github.com/homeassistant-ai/ha-mcp/releases/tag/v7.4.1.dev456
- github.com/homeassistant-ai/ha-mcp/releases/tag/v7.5.0
- github.com/homeassistant-ai/ha-mcp/security/advisories/GHSA-g39v-cvjh-8fpf