CVE-2026-32111

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-32111
ha-mcp is a Home Assistant MCP Server. Prior to 7.0.0, the ha-mcp OAuth consent form (beta feature) accepts a user-supplied ha_url and makes a server-side HTTP request to {ha_url}/api/config with no URL validation. An unauthenticated attacker can submit arbitrary URLs to perform internal network reconnaissance via an error oracle. Two additional code paths in OAuth tool calls (REST and WebSocket) are affected by the same primitive. The primary deployment method (private URL with pre-configured HOMEASSISTANT_TOKEN) is not affected. This vulnerability is fixed in 7.0.0.

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://github.com/homeassistant-ai/ha-mcp/security/advisories/GHSA-fmfg-9g7c-3vq7 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:homeassistant-ai:home_assistant_mcp_server:*:*:*:*:*:*:*:*
History

17 Mar 2026, 15:37

Type Values Removed Values Added
First Time Homeassistant-ai
Homeassistant-ai home Assistant Mcp Server
References () https://github.com/homeassistant-ai/ha-mcp/security/advisories/GHSA-fmfg-9g7c-3vq7 - () https://github.com/homeassistant-ai/ha-mcp/security/advisories/GHSA-fmfg-9g7c-3vq7 - Vendor Advisory
CPE cpe:2.3:a:homeassistant-ai:home_assistant_mcp_server:*:*:*:*:*:*:*:*
Summary
  • (es) ha-mcp es un servidor MCP de Home Assistant. Antes de la versión 7.0.0, el formulario de consentimiento OAuth de ha-mcp (característica beta) acepta una ha_url proporcionada por el usuario y realiza una solicitud HTTP del lado del servidor a {ha_url}/api/config sin validación de URL. Un atacante no autenticado puede enviar URLs arbitrarias para realizar reconocimiento de red interno a través de un oráculo de errores. Dos rutas de código adicionales en las llamadas a herramientas OAuth (REST y WebSocket) se ven afectadas por la misma primitiva. El método de despliegue principal (URL privada con HOMEASSISTANT_TOKEN preconfigurado) no se ve afectado. Esta vulnerabilidad se corrige en la versión 7.0.0.

11 Mar 2026, 21:16

Type Values Removed Values Added
New CVE
Information

Published : 2026-03-11 21:16

Updated : 2026-03-17 15:37

NVD link : CVE-2026-32111

Mitre link : CVE-2026-32111

CVE.ORG link : CVE-2026-32111

JSON object : View

Products Affected

homeassistant-ai

  • home_assistant_mcp_server
CWE
CWE-918

Server-Side Request Forgery (SSRF)