CVE-2025-54073

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-54073
mcp-package-docs is an MCP (Model Context Protocol) server that provides LLMs with efficient access to package documentation across multiple programming languages and language server protocol (LSP) capabilities. A command injection vulnerability exists in the `mcp-package-docs` MCP Server prior to the fix in commit cb4ad49615275379fd6f2f1cf1ec4731eec56eb9. The vulnerability is caused by the unsanitized use of input parameters within a call to `child_process.exec`, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process's privileges. The server constructs and executes shell commands using unvalidated user input directly within command-line strings. This introduces the possibility of shell metacharacter injection (`|`, `>`, `&&`, etc.). Commit cb4ad49615275379fd6f2f1cf1ec4731eec56eb9 in version 0.1.27 contains a fix for the issue, but upgrading to 0.1.28 is recommended.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.6 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://equixly.com/blog/2025/03/29/mcp-server-new-security-nightmare
https://github.com/advisories/GHSA-3q26-f695-pp76
https://github.com/advisories/GHSA-5w57-2ccq-8w95
https://github.com/advisories/GHSA-gjv4-ghm7-q58q
https://github.com/sammcj/mcp-package-docs/commit/cb4ad49615275379fd6f2f1cf1ec4731eec56eb9
https://github.com/sammcj/mcp-package-docs/releases/tag/v0.1.27
https://github.com/sammcj/mcp-package-docs/releases/tag/v0.1.28
https://github.com/sammcj/mcp-package-docs/security/advisories/GHSA-vf9j-h32g-2764
https://invariantlabs.ai/blog/mcp-github-vulnerability
https://github.com/advisories/GHSA-3q26-f695-pp76
https://github.com/advisories/GHSA-5w57-2ccq-8w95
https://github.com/advisories/GHSA-gjv4-ghm7-q58q
https://github.com/sammcj/mcp-package-docs/security/advisories/GHSA-vf9j-h32g-2764
Configurations

No configuration.

History

22 Jul 2025, 19:15

Type Values Removed Values Added
References () https://github.com/advisories/GHSA-3q26-f695-pp76 - () https://github.com/advisories/GHSA-3q26-f695-pp76 -
References () https://github.com/advisories/GHSA-5w57-2ccq-8w95 - () https://github.com/advisories/GHSA-5w57-2ccq-8w95 -
References () https://github.com/advisories/GHSA-gjv4-ghm7-q58q - () https://github.com/advisories/GHSA-gjv4-ghm7-q58q -
References () https://github.com/sammcj/mcp-package-docs/security/advisories/GHSA-vf9j-h32g-2764 - () https://github.com/sammcj/mcp-package-docs/security/advisories/GHSA-vf9j-h32g-2764 -

22 Jul 2025, 13:06

Type Values Removed Values Added
Summary
  • (es) mcp-package-docs es un servidor MCP (Model Context Protocol) que proporciona a los LLM acceso eficiente a la documentación de paquetes en múltiples lenguajes de programación y capacidades de protocolo de servidor de lenguaje (LSP). Existe una vulnerabilidad de inyección de comandos en el servidor MCP `mcp-package-docs` antes de la corrección en el commit cb4ad49615275379fd6f2f1cf1ec4731eec56eb9. La vulnerabilidad se debe al uso no autorizado de parámetros de entrada en una llamada a `child_process.exec`, lo que permite a un atacante inyectar comandos arbitrarios del sistema. Una explotación exitosa puede provocar la ejecución remota de código bajo los privilegios del proceso del servidor. El servidor construye y ejecuta comandos de shell utilizando entradas de usuario no validadas directamente dentro de las cadenas de la línea de comandos. Esto introduce la posibilidad de inyección de metacaracteres de shell (`|`, `>`, `&&`, etc.). El commit cb4ad49615275379fd6f2f1cf1ec4731eec56eb9 en la versión 0.1.27 contiene una solución para el problema, pero se recomienda actualizar a la versión 0.1.28.

18 Jul 2025, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-07-18 16:15

Updated : 2025-07-22 19:15

NVD link : CVE-2025-54073

Mitre link : CVE-2025-54073

CVE.ORG link : CVE-2025-54073

JSON object : View

Products Affected

No product.

CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')