CVE-2025-64443
BaseFortify
Publication date: 2025-12-03
Last updated on: 2026-03-10
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| docker | mcp_gateway | up to 0.28.0 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-749 | The product provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a DNS rebinding issue in MCP Gateway versions 0.27.0 and earlier when running in sse or streaming transport mode. An attacker can exploit this by tricking a victim into visiting a malicious website or viewing a malicious advertisement, which then allows browser-based attacks on MCP servers behind the gateway. This can lead to manipulation of tools or features exposed by those MCP servers. The vulnerability does not affect MCP Gateway when running in the default stdio mode, which does not listen on network ports. The issue is fixed in version 0.28.0.
How can this vulnerability impact me?
If exploited, this vulnerability can allow an attacker to manipulate MCP servers behind the gateway through the victim's browser. This could lead to unauthorized control or interference with the tools or features exposed by those MCP servers, potentially compromising the integrity and functionality of the affected systems.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, upgrade MCP Gateway to version 0.28.0 or later. Additionally, avoid running MCP Gateway in sse or streaming transport mode, since the vulnerability does not affect the default stdio mode, which does not listen on network ports.
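The answers above describe the attack only in outline: in DNS rebinding, the victim's browser talks to a locally listening HTTP service, but the request still carries the attacker's domain in the Host header. A standard defense for any locally bound HTTP listener is therefore to reject requests whose Host header does not name the service itself. The Go middleware below is an added example of that check and is not the MCP Gateway project's own code; the page does not state how version 0.28.0 fixes the issue, and the names `allowedHosts`, `hostAllowed`, `hostCheck`, `statusFor`, the `/sse` path and the `127.0.0.1:8080` bind address are assumptions chosen for illustration.

```go
package main

import (
	"log"
	"net"
	"net/http"
	"net/http/httptest"
	"strings"
)

// allowedHosts is the set of Host header values (hostname only, no port) that
// the gateway treats as its own. Constructed sample values for this example.
var allowedHosts = map[string]bool{
	"localhost": true,
	"127.0.0.1": true,
	"::1":       true,
}

// hostAllowed reports whether a raw Host header names one of the gateway's own
// addresses. Under DNS rebinding the browser still sends the attacker's domain
// as the Host header, so any value outside the allowlist is rejected.
func hostAllowed(hostHeader string) bool {
	host := hostHeader
	// Strip an optional port: Host may be "localhost:8080" or "[::1]:8080".
	if h, _, err := net.SplitHostPort(hostHeader); err == nil {
		host = h
	}
	// Normalise case, a trailing dot, and IPv6 brackets without a port.
	host = strings.ToLower(strings.TrimSuffix(host, "."))
	host = strings.Trim(host, "[]")
	return allowedHosts[host]
}

// hostCheck wraps an HTTP handler so that only requests with an allowlisted
// Host header reach the transport endpoints (e.g. the sse endpoint).
func hostCheck(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !hostAllowed(r.Host) {
			http.Error(w, "forbidden: unexpected Host header", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// statusFor drives the middleware with an in-memory request carrying the given
// Host header and returns the HTTP status the client would see.
func statusFor(host string) int {
	inner := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
		w.WriteHeader(http.StatusOK)
	})
	req := httptest.NewRequest(http.MethodGet, "/sse", nil)
	req.Host = host
	rec := httptest.NewRecorder()
	hostCheck(inner).ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	// Bind to loopback only and put the Host check in front of every route.
	mux := http.NewServeMux()
	mux.HandleFunc("/sse", func(w http.ResponseWriter, _ *http.Request) {
		w.Write([]byte("ok\n"))
	})
	log.Printf("rebinding-test host -> %d, local host -> %d",
		statusFor("attacker.example:8080"), statusFor("127.0.0.1:8080"))
	log.Fatal(http.ListenAndServe("127.0.0.1:8080", hostCheck(mux)))
}
```

The check complements, rather than replaces, the page's advice: binding only to loopback limits who can reach the listener, while the Host allowlist stops a browser that was rebound to that loopback address from being accepted as a legitimate client.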