Wireshark Mcp
Monthly
OS command injection in wireshark-mcp's quick_capture function allows remote unauthenticated attackers to execute arbitrary operating system commands with publicly available exploit code. The vulnerability affects all versions of the rolling-release project through commit 400c3da70074f22f3cce7ccb65304cafc7089c89, with CVSS 5.5 reflecting low confidentiality, integrity, and availability impact but network-accessible exploitation vector. Active public exploit availability increases real-world risk despite moderate CVSS score.
OS command injection in wireshark-mcp's quick_capture function allows remote unauthenticated attackers to execute arbitrary operating system commands with publicly available exploit code. The vulnerability affects all versions of the rolling-release project through commit 400c3da70074f22f3cce7ccb65304cafc7089c89, with CVSS 5.5 reflecting low confidentiality, integrity, and availability impact but network-accessible exploitation vector. Active public exploit availability increases real-world risk despite moderate CVSS score.