CNNVD-202601-1184 Information

CNNVD ID

CNNVD-202601-1184

Related CVE

CVE-2025-61492

• CNNVD Published: 2026-01-07

Description (Chinese)

Terminal Controller for MCP是GongRzhe个人开发者的一个上下文协议服务器。 Terminal Controller for MCP 0.1.7版本存在安全漏洞，该漏洞源于execute_command函数存在命令注入，可能导致执行任意命令。

Description (English)

Terminal Contractor for MCP is a context protocol server for GoongRzhe personal developer. There is a security loophole in version Terminal Controller for MCP 0.1.7 which stems from the existence of command injections in the execute command function, which may result in the execution of arbitrary orders.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-07

Last Modified

2026-02-24

References

https://github.com/cfdude/super-shell-mcp/issues/19 https://github.com/GongRzhe/terminal-controller-mcp/issues/7 https://access.redhat.com/security/cve/cve-2025-61492

Patch

https://github.com/GongRzhe/terminal-controller-mcp/releases