CVE-2025-35028
BaseFortify
Publication date: 2025-11-30
Last updated on: 2025-12-01
Assigner: Austin Hackers Anonymous
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hexstrike | ai_mcp_server | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in the HexStrike AI MCP server, where an API endpoint created by the EnhancedCommandExecutor class accepts command-line arguments that start with a semicolon (;). Because these arguments are not sanitized, the server executes the composed command directly with its normal privileges, which are typically root. This allows an attacker to execute arbitrary commands on the server.
How can this vulnerability impact me?
The vulnerability allows an attacker to execute arbitrary commands on the HexStrike AI MCP server with root privileges. This can lead to full system compromise, unauthorized access to sensitive data, disruption of services, and potential further exploitation within the affected environment.
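To make the CWE-78 pattern behind this record concrete, the following Python is an added illustration, not code from HexStrike or from this page. It places the unsafe construction (tool arguments joined into one string destined for a shell) beside a hardened executor that allow-lists the tool, validates every argument, and passes an argv list to `subprocess` without a shell, so a semicolon-led argument is delivered to the tool as a literal string instead of starting a second command. The names `ALLOWED_TOOLS`, `SAFE_ARG`, `run_tool` and `literal_argv_demo`, and the sample argument list, are constructed for this example.

```python
"""Added example (not HexStrike's code): the CWE-78 pattern beside a hardened
executor. All names and sample inputs below are assumptions made for this
illustration."""
import re
import subprocess
import sys

# Hypothetical allow-list of tools the server is permitted to launch.
ALLOWED_TOOLS = {"nmap", "gobuster"}

# Conservative allow-list for a single argument: flags, words, paths,
# host/port/CIDR notation. No whitespace, quotes or shell metacharacters.
SAFE_ARG = re.compile(r"[A-Za-z0-9._/:=,\-]+")


def build_shell_command_vulnerable(tool, args):
    """The unsafe pattern: concatenate user-controlled arguments into one
    string that is later handed to a shell (e.g. shell=True). It is shown
    only so the failure is visible; this example never executes it."""
    return tool + " " + " ".join(args)


def reject_unsafe_args(args):
    """Return every argument that fails the allow-list (empty list == clean)."""
    return [a for a in args if not SAFE_ARG.fullmatch(a)]


def run_tool(tool, args, runner=subprocess.run):
    """Hardened form: allow-list the tool, validate each argument, and run an
    argv list with shell=False. `runner` is injectable so the decision logic
    can be exercised without launching a real scanner."""
    if tool not in ALLOWED_TOOLS:
        raise ValueError(f"tool not permitted: {tool!r}")
    bad = reject_unsafe_args(args)
    if bad:
        raise ValueError(f"rejected arguments: {bad}")
    argv = [tool, *args]  # list form: no shell parsing, no command chaining
    return runner(argv, shell=False, capture_output=True, text=True, timeout=60)


def literal_argv_demo():
    """Show that without a shell a metacharacter-laden argument arrives at
    the child process as plain text. Uses the current interpreter as a
    harmless stand-in for a tool; returns what the child saw in argv[1:]."""
    child = [sys.executable, "-c", "import sys; print(sys.argv[1:])", "; id"]
    out = subprocess.run(child, shell=False, capture_output=True, text=True)
    return out.stdout.strip()


def main():
    # Constructed request: one legitimate flag, one target, one injected argument.
    args = ["-sV", "10.0.0.5", "; id"]
    print("composed shell string :", build_shell_command_vulnerable("nmap", args))
    print("arguments rejected    :", reject_unsafe_args(args))
    try:
        run_tool("nmap", args, runner=lambda argv, **kw: argv)
    except ValueError as exc:
        print("hardened executor     :", exc)
    print("argv seen by child    :", literal_argv_demo())


if __name__ == "__main__":
    main()
```

The composed string in the first line of output reads `nmap -sV 10.0.0.5 ; id`, which a shell would run as two commands; the hardened executor refuses the request before anything is launched, and the final line shows that even if such an argument did reach a child started without a shell, it arrives as the single literal string `'; id'`. Running the server process as a dedicated low-privilege user rather than root limits what a bypass of the validation could reach.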