A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
PUBLISHED5.1CWE-78CWE-77
samanhappy MCPHub serverController.ts os command injection
Problem type
Affected products
samanhappy
MCPHub
0.9.0 - AFFECTED
0.9.1 - AFFECTED
0.9.2 - AFFECTED
0.9.3 - AFFECTED
0.9.4 - AFFECTED
0.9.5 - AFFECTED
0.9.6 - AFFECTED
0.9.7 - AFFECTED
0.9.8 - AFFECTED
0.9.9 - AFFECTED
0.9.10 - AFFECTED
References
VDB-327043 | samanhappy MCPHub serverController.ts os command injection
https://vuldb.com/?id.327043
VDB-327043 | CTI Indicators (IOB, IOC, TTP, IOA)
https://vuldb.com/?ctiid.327043
Submit #659734 | samanhappy mcphub v0.9.10 Remote Code Execution (RCE)
https://vuldb.com/?submit.659734
github.com
https://github.com/August829/YU1/issues/6
GitHub Security Advisories
GHSA-5q2p-3jg8-2m98
MCPHub's ServerController is vulnerable to Command Injection
https://github.com/advisories/GHSA-5q2p-3jg8-2m98A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
JSON source
Click to expand
{
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"cveMetadata": {
"cveId": "CVE-2025-11285",
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"dateUpdated": "2025-10-07T14:02:45.049Z",
"dateReserved": "2025-10-04T11:27:33.813Z",
"datePublished": "2025-10-05T06:02:06.272Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB",
"dateUpdated": "2025-10-05T06:02:06.272Z"
},
"title": "samanhappy MCPHub serverController.ts os command injection",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In samanhappy MCPHub up to 0.9.10 ist eine Schwachstelle entdeckt worden. Das betrifft eine unbekannte Funktionalität der Datei src/controllers/serverController.ts. Durch die Manipulation des Arguments command/args mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit ist öffentlich verfügbar und könnte genutzt werden."
}
],
"affected": [
{
"vendor": "samanhappy",
"product": "MCPHub",
"versions": [
{
"version": "0.9.0",
"status": "affected"
},
{
"version": "0.9.1",
"status": "affected"
},
{
"version": "0.9.2",
"status": "affected"
},
{
"version": "0.9.3",
"status": "affected"
},
{
"version": "0.9.4",
"status": "affected"
},
{
"version": "0.9.5",
"status": "affected"
},
{
"version": "0.9.6",
"status": "affected"
},
{
"version": "0.9.7",
"status": "affected"
},
{
"version": "0.9.8",
"status": "affected"
},
{
"version": "0.9.9",
"status": "affected"
},
{
"version": "0.9.10",
"status": "affected"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "OS Command Injection",
"cweId": "CWE-78",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"lang": "en",
"description": "Command Injection",
"cweId": "CWE-77",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?id.327043",
"name": "VDB-327043 | samanhappy MCPHub serverController.ts os command injection",
"tags": [
"vdb-entry",
"technical-description"
]
},
{
"url": "https://vuldb.com/?ctiid.327043",
"name": "VDB-327043 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
]
},
{
"url": "https://vuldb.com/?submit.659734",
"name": "Submit #659734 | samanhappy mcphub v0.9.10 Remote Code Execution (RCE)",
"tags": [
"third-party-advisory"
]
},
{
"url": "https://github.com/August829/YU1/issues/6",
"tags": [
"exploit",
"issue-tracking"
]
}
],
"metrics": [
{},
{
"cvssV3_1": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
}
},
{
"cvssV3_0": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
}
},
{
"cvssV2_0": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"baseScore": 6.5
}
}
],
"timeline": [
{
"time": "2025-10-04T00:00:00.000Z",
"lang": "en",
"value": "Advisory disclosed"
},
{
"time": "2025-10-04T02:00:00.000Z",
"lang": "en",
"value": "VulDB entry created"
},
{
"time": "2025-10-04T13:32:51.000Z",
"lang": "en",
"value": "VulDB entry last update"
}
],
"credits": [
{
"lang": "en",
"value": "Yu Bao (VulDB User)",
"type": "reporter"
}
]
},
"adp": [
{
"providerMetadata": {
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP",
"dateUpdated": "2025-10-07T14:02:45.049Z"
},
"title": "CISA ADP Vulnrichment",
"references": [
{
"url": "https://github.com/August829/YU1/issues/6",
"tags": [
"exploit"
]
}
],
"metrics": [
{}
]
}
]
}
}