CVE-2026-15189 in aerostack-mcpinfo

Summary

by MITRE • 07/09/2026

A security vulnerability has been detected in aerostackdev aerostack-mcp up to 6315dfde7df0a15aaf743f88d91347115e09ba23. Affected by this issue is the function upload_media of the component mcp-whatsapp. Such manipulation of the argument media_url leads to server-side request forgery. The attack may be launched remotely. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. The project was informed of the problem early through an issue report but has not responded yet.

Be aware that VulDB is the high quality source for vulnerability data.

Analysis

by VulDB Data Team • 07/09/2026

This vulnerability exists within the aerostackdev aerostack-mcp application, specifically affecting the mcp-whatsapp component through its upload_media function. The flaw represents a server-side request forgery vulnerability that occurs when the media_url argument is manipulated by an attacker. This type of vulnerability allows malicious actors to initiate unauthorized requests from the vulnerable server to internal or external systems, potentially bypassing network security controls that would normally prevent such communications. The vulnerability operates at the application level where user-supplied input is not properly validated or sanitized before being processed as part of a request to another system.

The technical implementation of this flaw enables remote exploitation through the manipulation of the media_url parameter, which is typically used for handling media file uploads within the whatsapp messaging component. When an attacker submits a crafted media_url value, the application processes this input without adequate validation, allowing the server to make unintended requests to arbitrary endpoints. This vulnerability falls under CWE-918, which specifically addresses server-side request forgery vulnerabilities, and aligns with ATT&CK technique T1190 for exploiting vulnerabilities in remote services. The rolling release deployment model of this product creates additional complexity since there are no fixed version identifiers available, making it difficult to determine exact affected ranges or patched versions.

The operational impact of this vulnerability is significant as it enables attackers to potentially access internal network resources that would normally be protected by firewalls or network segmentation. An attacker could leverage this vulnerability to probe internal systems, harvest sensitive information from local services, or even escalate privileges if the vulnerable server has elevated permissions. The remote exploit capability means that threat actors do not need physical access or network proximity to the target system. This vulnerability represents a critical risk for organizations using this software stack, particularly in environments where internal network access is restricted and security boundaries are essential.

Organizations should immediately implement mitigations including input validation for all user-supplied parameters, particularly those used in URL construction and processing. Network segmentation and firewall rules should be enforced to limit outbound connections from the vulnerable application to only necessary external endpoints. The application should be configured with strict URL validation that rejects any suspicious or non-compliant URLs, implementing whitelisting approaches for legitimate media sources. Additionally, monitoring and logging of all media upload activities should be enhanced to detect anomalous behavior patterns that may indicate exploitation attempts. Given the lack of version information due to the rolling release model, organizations should consider implementing application firewalls or web application security controls that can detect and block suspicious request patterns regardless of specific version numbers. The absence of response from the project team highlights the importance of proactive security measures rather than relying on vendor patches for vulnerable components in production environments.

Responsible

VulDB

Disclosure

07/09/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

low

Sources

Want to stay up to date on a daily basis?

Enable the mail alert feature now!