CVE-2025-11491
Published: 08 October 2025
Description
Mapped technique T1059, Command and Scripting Interpreter: adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.
Security Summary
CVE-2025-11491 is an OS command injection vulnerability (CWE-77, CWE-78) affecting wonderwhy-er DesktopCommanderMCP up to version 0.2.13. The issue resides in the CommandManager function of the src/command-manager.ts file, where manipulation of the command input submitted to the server leads to OS command injection. Published on 2025-10-08, it carries a CVSS v3.1 base score of 6.3 (Medium) with vector AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L.
An attacker with low privileges (PR:L) can exploit this remotely over the network with low attack complexity and no user interaction; the scope is unchanged. Successful exploitation results in OS command execution in the context of the MCP server process, rated as low impact on confidentiality, integrity, and availability.
References include GitHub issues at https://github.com/wonderwhy-er/DesktopCommanderMCP/issues/217 and https://github.com/wonderwhy-er/DesktopCommanderMCP/issues/217#issue-3343853704, along with VulDB entries at https://vuldb.com/?ctiid.327610, https://vuldb.com/?id.327610, and https://vuldb.com/?submit.668006. The exploit has been made public and could be used.
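The summary above describes the weakness class (CWE-77/CWE-78) rather than the exact code path, so the following is an added, illustrative example and not the DesktopCommanderMCP source: a simplified command manager that screens only the first word of a command line and then hands the whole line to a shell, next to a hardened variant that uses an allowlist, refuses shell metacharacters, splits the line into argv itself, and plans a direct (no-shell) spawn. The blocklist/allowlist contents, the SHELL_META character set, and the function names are assumptions made for the example.

```typescript
// Added illustrative example: simplified model of a weak command-manager check
// beside a hardened one. Hypothetical code, not the DesktopCommanderMCP source.
// Nothing here actually executes a process; each function returns the plan it
// would hand to child_process so the behaviour can be inspected and tested.

// --- Vulnerable pattern -----------------------------------------------------
// Blocklist consulted against the first whitespace-separated token only.
const BLOCKED_COMMANDS: ReadonlySet<string> = new Set(["rm", "mkfs", "dd", "shutdown"]);

// Everything after a shell operator (";", "&&", "|", "$(...)") is never looked
// at, yet the whole string would go to `sh -c` via child_process.exec.
function naiveCheckAndBuild(commandLine: string): { ok: boolean; shellCommand?: string } {
  const first = commandLine.trim().split(/\s+/)[0] ?? "";
  if (BLOCKED_COMMANDS.has(first)) return { ok: false };
  return { ok: true, shellCommand: commandLine }; // "ls; rm -rf /tmp/x" passes
}

// --- Hardened pattern -------------------------------------------------------
// Allowlist of programs the server is willing to run (assumed set).
const ALLOWED_COMMANDS: ReadonlySet<string> = new Set(["ls", "cat", "git", "npm"]);
// Characters that let a POSIX shell chain, redirect, substitute or expand.
const SHELL_META = /[;&|`$(){}<>\n\r\\]/;

interface SpawnPlan { file: string; args: string[]; shell: false }
type PlanResult = { ok: true; plan: SpawnPlan } | { ok: false; reason: string };

// Minimal argv splitter: whitespace separates tokens, single or double quotes
// group them. Returns null on an unterminated quote rather than guessing.
function splitArgv(line: string): string[] | null {
  const out: string[] = [];
  let cur = "";
  let quote: string | null = null;
  let inToken = false;
  for (const ch of line) {
    if (quote !== null) {
      if (ch === quote) quote = null; else cur += ch;
    } else if (ch === '"' || ch === "'") {
      quote = ch; inToken = true;
    } else if (/\s/.test(ch)) {
      if (inToken) { out.push(cur); cur = ""; inToken = false; }
    } else {
      cur += ch; inToken = true;
    }
  }
  if (quote !== null) return null;
  if (inToken) out.push(cur);
  return out;
}

function hardenedPlan(commandLine: string): PlanResult {
  if (SHELL_META.test(commandLine)) {
    return { ok: false, reason: "shell metacharacters are not permitted" };
  }
  const argv = splitArgv(commandLine);
  if (argv === null || argv.length === 0) {
    return { ok: false, reason: "could not parse command line" };
  }
  const [file, ...args] = argv;
  if (!ALLOWED_COMMANDS.has(file)) {
    return { ok: false, reason: `command not allowlisted: ${file}` };
  }
  // shell:false means child_process.spawn(file, args, { shell: false }) execs
  // the program directly; args reach it verbatim and are never re-parsed.
  return { ok: true, plan: { file, args, shell: false } };
}
```

The two checks differ on exactly the inputs that matter: `naiveCheckAndBuild("ls; rm -rf /tmp/x")` accepts the line because only `ls` is inspected, while `hardenedPlan` rejects it on the `;` before any parsing. A blocklist on the first token is also easy to sidestep without metacharacters (`/bin/rm`, `busybox rm`), which is why the hardened variant allowlists the program name and lets the caller, not a shell, decide what becomes an argument.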
Details
- CWE(s): CWE-77 (Improper Neutralization of Special Elements used in a Command), CWE-78 (Improper Neutralization of Special Elements used in an OS Command)
Affected Products
- wonderwhy-er DesktopCommanderMCP up to version 0.2.13
AI Security Analysis
- AI Category: AI Agent Protocols and Integrations
- Risk Domain: N/A
- OWASP Top 10 for LLMs 2025: None mapped
- MITRE ATLAS Techniques: None mapped
- Classification Reason: No AI-related keywords detected.
MITRE ATT&CK Enterprise Techniques
- T1059: Command and Scripting Interpreter
Why these techniques?
The vulnerability is an OS command injection issue: input reaching the CommandManager is interpreted by a command shell, which directly enables arbitrary command execution via Command and Scripting Interpreter (T1059).