CVE-2025-11285
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-05

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-05
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2025-10-05
EPSS Evaluated
2026-06-15
NVD
CVE-2025-11285
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
mcphubx mcphub to 0.9.10 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-77 The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-11285 is a remote code execution vulnerability in samanhappy MCPHub up to version 0.9.10. It occurs because the application does not properly sanitize or validate the 'command' and 'args' fields when creating a new MCP server of type 'stdio'. This allows an attacker to inject and execute arbitrary operating system commands on the host server remotely by manipulating these fields in the server configuration, leading to full control over the affected system. [1, 2, 3]

Impact Analysis

This vulnerability can have severe impacts including unauthorized remote code execution on the host server, which compromises the confidentiality, integrity, and availability of the system. An attacker can execute arbitrary commands, potentially leading to data theft, system manipulation, service disruption, or complete takeover of the affected server. Since the exploit is publicly available and no mitigations or patches exist, the risk of exploitation is high. [1, 2, 3]

Detection Guidance

This vulnerability can be detected by attempting to create a new MCP server of type "stdio" using the createServer API endpoint with crafted payloads that include malicious "command" and "args" fields to test for command injection. For example, sending a POST request to /api/servers with JSON payload {"command": "/bin/sh", "args": ["-c", "whoami > /tmp/666.txt"]} can verify if arbitrary commands are executed on the server. Monitoring for unexpected files like /tmp/666.txt or unusual process executions can also indicate exploitation attempts. Network detection can include monitoring POST requests to /api/servers with suspicious payloads. [2]

Mitigation Strategies

Immediate mitigation steps include disabling or restricting access to the createServer API endpoint to prevent attackers from creating new MCP servers with malicious configurations. Since no patches or vendor mitigations are available, consider blocking or filtering requests that include the "command" and "args" fields or deploying network-level controls to restrict access to the vulnerable service. Additionally, consider using alternative products or isolating the affected MCPHub instance to limit exposure until a fix or patch is available. [3]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-11285. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart