CNNVD-202508-3566 Information

Aug 29, 2025 cve

CNNVD ID

CNNVD-202508-3566

CVE-2025-9654

  • CNNVD Published: 2025-08-29

Description (Chinese)

MCP SSH Agent是Aionda GmbH开源的一个管理和控制SSH连接的模型上下文协议服务器的软件。 MCP SSH Agent 1.0.3及之前版本存在安全漏洞,该漏洞源于文件server-simple.mjs存在命令注入。

Description (English)

MCP SSH Agent is a software for a model context protocol server that manages and controls SSH connections at the Aionda GmbH open source. MCP SSH Agent 1.0.3 and previous versions have security loopholes, which stem from the existence of command injections in documentserver-simple.mjs.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Aionda GmbH

Published

2025-08-29

Last Modified

2026-02-24

References

https://vuldb.com/?submit.637028 https://vuldb.com/?id.321862 https://vuldb.com/?ctiid.321862 https://github.com/AiondaDotCom/mcp-ssh/commit/cd2566a948b696501abfa6c6b03462cac5fb43d8 https://github.com/AiondaDotCom/mcp-ssh/commit/5b9b9c5b28d3f2672f356a790154ed68e17ef453 https://access.redhat.com/security/cve/cve-2025-9654 https://nvd.nist.gov/vuln/detail/CVE-2025-9654

Share on: