CVE-2025-61492

CRITICAL
2026-01-07 [email protected] GHSA-h4rf-624j-gj33
10.0
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
PoC Detected
Jan 30, 2026 - 01:40 vuln.today
Public exploit code
CVE Published
Jan 07, 2026 - 18:15 nvd
CRITICAL 10.0

Tags

Command Injection Terminal Controller Mcp

Description

A command injection vulnerability in the execute_command function of terminal-controller-mcp 0.1.7 allows attackers to execute arbitrary commands via a crafted input.

Analysis

terminal-controller-mcp 0.1.7, an MCP (Model Context Protocol) server for terminal control, has command injection in execute_command that allows arbitrary command execution. Maximum CVSS 10.0 with scope change – compromising the MCP server grants control over all connected AI agents.

Technical Context

The execute_command function does not sanitize input before passing it to a shell (CWE-77). As an MCP server, it mediates between AI agents and the terminal – command injection here means any AI agent interaction can be weaponized. The scope change reflects that compromise of the MCP server affects all connected agents and their capabilities.

Affected Products

terminal-controller-mcp 0.1.7

Remediation

Update to a patched version. Implement strict input validation in the execute_command function. Run MCP servers in isolated containers with minimal permissions.

Priority Score

71
Low Medium High Critical
KEV: 0
EPSS: +0.7
CVSS: +50
POC: +20

Share

CVE-2025-61492 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy