제출 #784864: elgentos magento2-dev-mcp <=1.0.2 Command Injection정보

제목	elgentos magento2-dev-mcp <=1.0.2 Command Injection
설명	A command injection vulnerability exists in elgentos/magento2-dev-mcp due to unsafe use of child_process.execAsync when constructing Magerun2 CLI commands with user-controlled input. Successful exploitation allows attackers to execute arbitrary shell commands with the privileges of the MCP server process. The following MCP tools construct command strings using user-supplied parameters and execute them via child_process.execAsync:  config-show: interpolates path, scope, and scopeId parameters  config-set: interpolates path, value, scope, and scopeId parameters  config-store-get: interpolates path and storeId parameters  config-store-set: interpolates path, value, and storeId parameters  cache-view: interpolates key and type parameters  db-query: interpolates query parameter  dev-module-observer-list: interpolates event parameter  dev-module-create: interpolates vendorNamespace, moduleName, authorName, authorEmail, and description parameters  setup-static-content-deploy: interpolates languages and themes parameters  sys-url-list: interpolates storeId parameter  sys-cron-run: interpolates job and group parameters Because execAsync invokes commands through a system shell, specially crafted input containing shell metacharacters (such as `;`, `&`, or `\|`) may be interpreted as additional commands rather than treated as data. For example, an attacker could supply a malicious value in key to inject arbitrary shell commands, which would then be executed with the privileges of the MCP server process. The vulnerability results from shell-based command execution combined with direct interpolation of untrusted input. In MCP environments, LLM-generated tool parameters influenced by external content may trigger execution of injected commands without direct local user interaction.
원천	⚠️ https://github.com/elgentos/magento2-dev-mcp/issues/4
사용자	Yinci Chen (UID 94659)
제출	2026. 03. 21. AM 09:59 (21 날 ago)
모더레이션	2026. 04. 05. PM 03:58 (15 days later)
상태	수락
VulDB 항목	355395 [elgentos magento2-dev-mcp 까지 1.0.2 src/index.ts executeMagerun2Command 권한 상승]
포인트들	20

◂ 이전 개요 다음 ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!