CNNVD-202511-2047 Information

CNNVD ID

CNNVD-202511-2047

Related CVE

CVE-2025-63604

• CNNVD Published: 2025-11-18

Description (Chinese)

AWS Resources MCP Server是Bary Huang个人开发者的一个基于Python的MCP服务器。 AWS Resources MCP Server 0.1.0版本存在安全漏洞，该漏洞源于execute_query方法输入验证不足，可能导致远程代码执行和AWS凭据泄露。

Description (English)

AWS Resources MCP Server is a Python-based MCP server for Bary Huang Personal Developer. The AWS Resources MCP Server version 0.1.0 contains a security loophole that stems from inadequate validation of the execute query method, which may result in remote code execution and AWS leakage.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-11-18

Last Modified

2026-02-24

References

https://github.com/baryhuang/mcp-server-aws-resources-python/issues/8 https://access.redhat.com/security/cve/cve-2025-63604