10

CVSS Score

3.1

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2025-61492

CVE-2025-61492: terminal-controller-mcp vulnerable to Command Injection

A command injection vulnerability in the execute_command function of terminal-controller-mcp 0.1.7 allows attackers to execute arbitrary commands via a crafted input.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2025-61492

CVE-2025-61492:

10

CVSS Score

3.1

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
terminal-controller	pip	<= 0.1.7

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability is a command injection in the terminal-controller-mcp package. The execute_command function is the entry point, accepting a command string from the user. It uses a weak blacklist-based filter to check for dangerous commands, which can be easily bypassed. After this inadequate check, it passes the command to the run_command function. The run_command function then executes this command using asyncio.create_subprocess_shell with shell=True, which directly leads to the command injection vulnerability. During an exploit, a profiler would show a call to execute_command followed by a call to run_command, both of which are critical to the exploitation of this vulnerability.

Vulnerable functions

execute_command

terminal_controller.py

This function takes a command from the user and performs an insufficient security check by using a blacklist of dangerous commands. This blacklist can be easily bypassed by an attacker using shell features like command concatenation and execution substitution, leading to arbitrary command execution.

run_command

terminal_controller.py

This function executes the command received from `execute_command` using `asyncio.create_subprocess_shell` with `shell=True`. This allows for shell metacharacters and command substitution to be processed, which is the root cause of the command injection vulnerability. An attacker can provide a crafted command to `execute_command` which is then executed by this function.

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

10

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2025-61492: terminal-controller-mcp vulnerable to Command Injection

CVE-2025-61492:

10

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

10

10

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Technical Details

Basic Information

Basic Information

CVE-2025-61492: terminal-controller-mcp vulnerable to Command Injection

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI