CVE-2025-69902
Command Injection in kubectl-mcp-server minimal_wrapper.py Allows RCE
Publication date: 2026-03-16
Last updated on: 2026-03-17
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a command injection flaw found in the minimal_wrapper.py component of kubectl-mcp-server version 1.2.0. It allows attackers to execute arbitrary commands by injecting shell metacharacters, which means they can run unintended commands on the system by manipulating input that is not properly sanitized.
How can this vulnerability impact me? :
The impact of this vulnerability is that an attacker could execute arbitrary commands on the system running kubectl-mcp-server. This could lead to unauthorized access, data compromise, system manipulation, or disruption of Kubernetes management operations, potentially affecting the security and stability of your Kubernetes infrastructure.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'The vulnerability is a command injection in the minimal_wrapper.py component of kubectl-mcp-server v1.2.0, allowing arbitrary command execution via shell metacharacter injection.'}, {'type': 'paragraph', 'content': 'To detect this vulnerability on your system, you can check if you are running kubectl-mcp-server version 1.2.0, especially the minimal_wrapper.py component.'}, {'type': 'paragraph', 'content': 'You may attempt to identify suspicious command executions or unexpected shell commands triggered by kubectl-mcp-server.'}, {'type': 'paragraph', 'content': 'Suggested commands to test or detect abnormal behavior include running kubectl-mcp-server commands such as:'}, {'type': 'list_item', 'content': '`kubectl-mcp-server info` - to get server information and verify version.'}, {'type': 'list_item', 'content': '`kubectl-mcp-server call get_pods \'{"namespace": "kube-system"}\'` - to check normal command execution.'}, {'type': 'paragraph', 'content': 'Monitoring logs for unexpected shell metacharacters or command injection patterns in requests to kubectl-mcp-server may help detect exploitation attempts.'}] [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include:
- Avoid using kubectl-mcp-server version 1.2.0 until a patched version is released.
- Restrict access to the kubectl-mcp-server service to trusted users and networks only.
- Monitor and audit logs for suspicious command injection attempts.
- Implement network-level controls such as firewalls or network policies to limit exposure.
- If possible, disable or isolate the minimal_wrapper.py component until a fix is available.