What is the CVSS score of CVE-2025-61492?

CVE-2025-61492 has a CVSS 3.1 base score of 10.0 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H. EPSS exploitation probability: 0.7%.

Which versions of Terminal Controller Mcp are affected by CVE-2025-61492?

CVE-2025-61492 presents critical security risk, a command injection vulnerability rated CVSS 10.0.

Is there a public PoC exploit available for CVE-2025-61492?

Yes, a public proof-of-concept exploit is available for CVE-2025-61492. Prioritise patching immediately. EPSS: 0.7%.

How to fix or mitigate CVE-2025-61492?

Within 24 hours: Identify all affected systems and apply vendor patches immediately. Validate that input sanitization is in place for all user-controlled parameters.

Terminal Controller Mcp CVE-2025-61492

CRITICAL

Command Injection (CWE-77)

2026-01-07 cve@mitre.org

GHSA-h4rf-624j-gj33

Command Injection Terminal Controller Mcp

10.0

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

10.0 CRITICAL

AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

PoC Detected

Jan 30, 2026 - 01:40 vuln.today

Public exploit code

CVE Published

Jan 07, 2026 - 18:15 nvd

CRITICAL 10.0

DescriptionCVE.org

A command injection vulnerability in the execute_command function of terminal-controller-mcp 0.1.7 allows attackers to execute arbitrary commands via a crafted input.

AnalysisAI

terminal-controller-mcp 0.1.7, an MCP (Model Context Protocol) server for terminal control, has command injection in execute_command that allows arbitrary command execution. Maximum CVSS 10.0 with scope change – compromising the MCP server grants control over all connected AI agents.

Technical ContextAI

The execute_command function does not sanitize input before passing it to a shell (CWE-77). As an MCP server, it mediates between AI agents and the terminal – command injection here means any AI agent interaction can be weaponized. The scope change reflects that compromise of the MCP server affects all connected agents and their capabilities.

RemediationAI

Update to a patched version. Implement strict input validation in the execute_command function. Run MCP servers in isolated containers with minimal permissions.

CVE-2025-61492 vulnerability details – vuln.today

Back

Terminal Controller Mcp CVE-2025-61492

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code