CVE-2026-7066
Remote OS Command Injection in choieastsea simple-openstack-mcp
Publication date: 2026-04-27
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| choieastsea | simple-openstack-mcp | to 767b2f4a8154cca344344b9725537a58399e6036 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-7066 is an OS command injection vulnerability found in the simple-openstack-mcp project, specifically in the exec_openstack function within the server.py file.
The vulnerability arises because the function only checks if the input command starts with the prefix "openstack" but does not sanitize or neutralize shell metacharacters like ";".
This allows an attacker to append arbitrary shell commands to the input, which are then executed by the server using subprocess.run with shell=True, enabling remote code execution under the service account.
How can this vulnerability impact me? :
This vulnerability can have a high impact on confidentiality, integrity, and availability of the affected system.
- Confidentiality: An attacker can read local secrets or configuration files.
- Integrity: An attacker can modify files or the runtime state of the system.
- Availability: An attacker can disrupt the service or execute destructive commands.
Because the exploit can be launched remotely without authentication, it poses a significant risk if the vulnerable interface is exposed to untrusted users.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to exploit the OS command injection via the vulnerable exec_openstack function. A proof-of-concept involves sending a JSON-RPC request with a command containing shell metacharacters, such as a semicolon (;), to execute arbitrary commands.
For example, sending a command like "openstack --help; touch /tmp/choieastsea_cmdinj_poc" to the vulnerable endpoint can be used to test if the system is vulnerable.
Detection can be confirmed by checking for the presence of the created file "/tmp/choieastsea_cmdinj_poc" on the system.
Since the vulnerability involves execution of shell commands with shell metacharacters, monitoring network traffic for JSON-RPC requests invoking exec_openstack with suspicious command strings containing shell metacharacters like ";" can also help detect exploitation attempts.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the vulnerable exec_openstack interface by implementing network ACLs, authentication, authorization, or mutual TLS to prevent untrusted callers from reaching the endpoint.
Reject or sanitize input containing shell metacharacters on the server side, and enforce strict allowlists for commands accepted by the exec_openstack function.
Avoid using subprocess.run with shell=True on attacker-controlled input. Instead, update the code to use subprocess.run with argument arrays and shell=False.
Add regression tests to detect and prevent known malicious payloads.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows remote OS command injection, which can lead to unauthorized access, modification, or disruption of system data and services. This can compromise confidentiality, integrity, and availability of sensitive information.
Such a security flaw could negatively impact compliance with standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive data against unauthorized access and ensure system integrity and availability.
Specifically, the ability for an attacker to execute arbitrary commands remotely may lead to data breaches or service disruptions, both of which are critical compliance concerns under these regulations.