Miggo Logo
Miggo Vulnerability Database
CVE-2025-31692

CVE-2025-31692: Drupal AI Vulnerable to OS Command Injection via Optional Automator Types

7.5

CVSS Score
3.1

Basic Information

CVE ID
CVE-2025-31692
GHSA ID
GHSA-pwjq-fx3v-8f9r
EPSS Score
0.38032%
CWE
CWE-78
Published
4/1/2025
Updated
4/2/2025
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
drupal/aicomposer< 1.0.51.0.5

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability explicitly involves unsanitized input in shell commands within AI Automators. Drupal's plugin architecture would implement different automator types as plugins, with ShellCommand being a likely candidate. The execute() methods would be the execution points where user-controlled data enters system commands. While exact patch details are unavailable, the advisory's technical description and standard Drupal patterns strongly suggest these entry points.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

Improp*r N*utr*liz*tion o* Sp**i*l *l*m*nts us** in *n OS *omm*n* ('OS *omm*n* Inj**tion') vuln*r**ility in *rup*l *I (*rti*i*i*l Int*lli**n**) *llows OS *omm*n* Inj**tion. T*is issu* *****ts *I (*rti*i*i*l Int*lli**n**): *rom *.*.* ***or* *.*.*.

Reasoning

T** vuln*r**ility *xpli*itly involv*s uns*nitiz** input in s**ll *omm*n*s wit*in *I *utom*tors. *rup*l's plu*in *r**it**tur* woul* impl*m*nt *i***r*nt *utom*tor typ*s *s plu*ins, wit* `S**ll*omm*n*` **in* * lik*ly **n*i**t*. T** `*x**ut*()` m*t*o*s w