Summary
@browsermcp/mcp crashes on every client disconnect due to infinite recursion in the server.close() override. The override calls await server.close() inside itself, exhausting the call stack and killing the server process. No recovery is possible without a manual restart.
Affected Version
@browsermcp/mcp v0.1.3 (latest on npm at time of report)
Severity
HIGH — CVSS 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CWE-674: Uncontrolled Recursion
Root Cause
In index.js around line 248–249, the code overrides server.close with an async function that calls await server.close() — which calls itself recursively until the JavaScript call stack is exhausted.
// Pseudocode of the bug
server.close = async () => {
  // ...
  await server.close(); // <-- calls itself, infinite recursion
};
Reproduction
- Install and start the server:
npx @browsermcp/mcp
- Connect any MCP client
- Disconnect the client (e.g. close the client process)
- Observe server crash with:
RangeError: Maximum call stack size exceeded
at server.close (...)
Evidence
RangeError: Maximum call stack size exceeded at server.close() — triggered on every client disconnect during automated scanning.
Impact
- Any MCP client that disconnects (including normal session end) crashes the server
- Requires manual restart to restore service
- In always-on AI agent setups, this causes persistent downtime after every session
Recommended Fix
Remove the recursive self-call. Use a guard flag or save a reference to the original close method before overriding:
const _originalClose = server.close.bind(server);
server.close = async () => {
  // cleanup logic here
  await _originalClose();
};
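The fix above as an added example (not code from @browsermcp/mcp): it combines the saved reference with a guard flag and runs the recursive pattern beside it for comparison. FakeServer, installRecursiveClose and installSafeClose are hypothetical names, and FakeServer is a stand-in for the real server object.

```javascript
// Added example: FakeServer is a stand-in, not the MCP SDK server class.
class FakeServer {
  constructor() { this.transportCloses = 0; }
  async close() { this.transportCloses += 1; } // the "real" close
}

// The pattern from the report: the override looks itself up via server.close.
function installRecursiveClose(server) {
  server.close = async () => {
    await server.close(); // resolves to this same function, never the original
  };
}

// Hardened override: capture the original first, and guard against re-entry
// so overlapping close() calls (disconnect + shutdown) run cleanup only once.
function installSafeClose(server, cleanup) {
  const originalClose = server.close.bind(server);
  let closing = null; // guard: the in-flight (or finished) close promise
  server.close = () => {
    if (closing === null) {
      closing = (async () => {
        try {
          await cleanup();
        } finally {
          await originalClose(); // release the transport even if cleanup throws
        }
      })();
    }
    return closing;
  };
}

async function demo() {
  const buggy = new FakeServer();
  installRecursiveClose(buggy);
  // Catch the rejection here; left unhandled, it would terminate the process.
  const buggyError = await buggy.close().then(() => null, (e) => e.name);

  const fixed = new FakeServer();
  let cleanups = 0;
  installSafeClose(fixed, async () => { cleanups += 1; });
  await Promise.all([fixed.close(), fixed.close()]); // two overlapping callers
  return { buggyError, buggyCloses: buggy.transportCloses,
           cleanups, fixedCloses: fixed.transportCloses };
}

demo().then((result) => console.log(result));
```

The recursive variant never reaches the original close, so the underlying transport is not released before the process dies.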
Reporter
Discovered by Cyberneticsplus Services Private Limited using MCPFuzz — an automated MCP security scanner.
Responsible disclosure: 90-day embargo from date of report. We request a fix or acknowledgement within 30 days.