CVE-2026-7600
Command Injection in ArtMin96 yii2-mcp-server
Publication date: 2026-05-02
Last updated on: 2026-05-05
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| artmin96 | yii2-mcp-server | 1.0.2 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-7600 is a command injection vulnerability in the ArtMin96 yii2-mcp-server 1.0.2, specifically affecting the functions yii_command_help and yii_execute_command in the MCP Interface component. The server constructs shell commands by directly concatenating user-supplied arguments into PHP Yii commands and executes them using child_process.exec without proper escaping or argument separation.
This flaw allows an attacker with network access to the MCP interface to inject shell metacharacters (such as semicolons) into command parameters, enabling execution of arbitrary operating system commands with the server's privileges.
Exploitation requires access to the MCP tools, a valid Yii2 project setup, and PHP CLI availability. A proof of concept shows executing commands like 'id' through the yii_command_help tool by injecting malicious input.
How can this vulnerability impact me? :
This vulnerability can lead to full host compromise because attackers can execute arbitrary OS commands with the server's privileges.
- Data exposure due to unauthorized access to sensitive information.
- Integrity loss by modifying or corrupting data.
- Service disruption through denial of service or other malicious actions.
The attack can be performed remotely by sending crafted requests to the vulnerable MCP interface, making it a serious risk if the server is exposed to untrusted networks.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring network traffic for crafted MCP requests targeting the yii_command_help or yii_execute_command tools that include shell metacharacters such as semicolons (;).
Since the exploit involves injecting commands into the MCP interface, detection can involve checking for unusual or unexpected command parameters sent to the MCP server.
A practical approach is to attempt sending test commands that include shell metacharacters to the MCP interface and observe if arbitrary OS commands are executed.
- Use network packet capture tools (e.g., tcpdump, Wireshark) to filter for MCP protocol traffic and inspect for suspicious command parameters.
- Run commands on the server to check for unexpected processes or command executions triggered by MCP requests.
- Example test command: send a crafted MCP request to the yii_command_help tool with a command parameter containing a shell metacharacter, such as "; id", to see if the server executes the injected command.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the MCP server to trusted users only, ensuring it is not exposed to untrusted networks.
Run the MCP server under a low-privilege account to limit the impact of any successful exploitation.
Disable or avoid using the vulnerable command-execution tools such as yii_command_help and yii_execute_command until a fix is available.
Avoid exposing the MCP server over the network to reduce the attack surface.
Longer term, apply safer command execution methods (e.g., execFile or spawn with argument arrays), validate inputs against allowlists, and reject shell metacharacters in user inputs.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows remote attackers to execute arbitrary OS commands on the server, leading to full host compromise including data exposure, integrity loss, and service disruption.
Such impacts on confidentiality, integrity, and availability of data can lead to non-compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and system integrity.
Specifically, unauthorized data exposure or alteration caused by this vulnerability could violate data protection requirements, potentially resulting in legal and regulatory consequences.