Platform
nodejs
Component
@modelcontextprotocol/inspector
Fixed versions
0.14.2
0.14.1
CVE-2025-49596 is a remote code execution (RCE) vulnerability in the @modelcontextprotocol/inspector package (MCP Inspector) before version 0.14.1. The inspector's proxy server did not authenticate its clients, so any request that reached the proxy could make it start a stdio MCP server running an attacker-chosen command, giving the attacker code execution on the host with the privileges of the proxy process. Users should upgrade to 0.14.1 or later.
The impact is severe precisely because no authentication was required. An attacker sends a crafted request to the inspector proxy, bypassing the trust the tool implicitly placed in its local client, and the proxy executes an arbitrary command on the system hosting it. Depending on what that system can reach, this can lead to data theft, full host compromise, and lateral movement into internal systems. No credentials or prior access of any kind are needed.
CVE-2025-49596 was publicly disclosed on 2025-06-13. Rémy Marot of Tenable is credited with the discovery. At the time of writing there are no known public exploits or active campaigns targeting this vulnerability, but because exploitation needs nothing more than an HTTP request, rapid exploitation is likely once a proof-of-concept circulates. The vulnerability is not currently listed in the CISA KEV catalog.
Anyone running the @modelcontextprotocol/inspector package in a Node.js environment is at risk, and especially anyone whose inspector proxy is reachable from an untrusted network. Development and testing systems that still run older versions are equally exposed, since the inspector is a developer tool and is most often found there. Shared hosting environments where users have limited control over installed packages should be assessed carefully.
• nodejs / server: `npm list @modelcontextprotocol/inspector` lists the installed versions of the package; any version below 0.14.1 is affected.
• nodejs / server: `grep -r 'require("@modelcontextprotocol/inspector")' /path/to/your/app` finds direct references to the library in application code. The inspector is usually run as a tool (for example with npx) rather than required from code, so also check package.json and lockfiles for the dependency.
• generic web: Inspect network traffic to the inspector proxy for unauthenticated requests, i.e. requests to the proxy that carry no authentication header.
disclosure
Exploitation status
EPSS
2.54% (85th percentile)
CISA SSVC
The primary mitigation for CVE-2025-49596 is to upgrade @modelcontextprotocol/inspector to version 0.14.1 or later immediately. This release adds the authentication check between the client and the proxy that was missing, so the proxy no longer executes commands for callers that present no credential. If upgrading is not immediately feasible, restrict network access to the inspector proxy to trusted sources as a temporary workaround, but note that a proxy bound to localhost is still reachable by any browser running on the same machine, so network restrictions alone do not close the hole. Run the proxy with minimal privileges and only while it is actually in use. After upgrading, verify the fix by sending an unauthenticated request to the proxy and confirming that it is rejected.
Upgrade immediately to MCP Inspector 0.14.1 or later. This fixes the missing authentication between the client and the proxy and prevents unauthenticated remote code execution. The inspector is an npm package, not a Python one, so upgrade with npm rather than pip, for example `npm install -g @modelcontextprotocol/inspector@0.14.1` (or a later release), or run the fixed release directly with `npx @modelcontextprotocol/inspector@latest`.
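To carry out the verification step described above, the script below, an example added here rather than code from the advisory or from the MCP Inspector project, sends one request to the proxy with no credential and, if a token is available, the same request with one, and classifies each response. Several details are assumptions to confirm against the installed version's proxy source before relying on the result: that the proxy listens on http://127.0.0.1:6277, that `GET /stdio?command=...` is the route that starts a stdio server, and that fixed versions expect an `X-MCP-Proxy-Auth: Bearer <token>` header carrying the value of `MCP_PROXY_AUTH_TOKEN`. The probe uses `true` as the command so that a still-vulnerable proxy spawns nothing harmful.

```javascript
// Added example: check whether an MCP Inspector proxy still acts on an
// unauthenticated stdio request. Requires Node 18+ for global fetch.
// Assumptions (verify against your installed version's proxy routes):
//   - default proxy address http://127.0.0.1:6277
//   - GET /stdio?command=... starts a stdio MCP server
//   - fixed releases expect "X-MCP-Proxy-Auth: Bearer <MCP_PROXY_AUTH_TOKEN>"
const DEFAULT_PROXY = "http://127.0.0.1:6277";

// Map the proxy's HTTP status to a verdict. Only 401/403 shows the auth check
// is in place; a 2xx means the proxy acted on a request carrying no credential.
function interpretStatus(status) {
  if (status === 401 || status === 403) return "rejected";
  if (status >= 200 && status < 300) return "accepted-unauthenticated";
  return "inconclusive";
}

// Build the probe URL. `true` exits immediately, so even a vulnerable proxy
// only ever spawns a no-op.
function probeUrl(baseUrl = DEFAULT_PROXY, command = "true") {
  const url = new URL("/stdio", baseUrl);
  url.searchParams.set("command", command);
  return url.toString();
}

// Send the request without, and optionally with, the auth header so the two
// verdicts can be compared side by side. Resolves once headers arrive; any
// SSE body the proxy opens is cancelled since only the status matters here.
async function probe(baseUrl = DEFAULT_PROXY, token = process.env.MCP_PROXY_AUTH_TOKEN) {
  const url = probeUrl(baseUrl);
  const request = async (headers) => {
    const res = await fetch(url, { headers, signal: AbortSignal.timeout(3000) });
    if (res.body) await res.body.cancel();
    return interpretStatus(res.status);
  };
  const result = { unauthenticated: await request({}) };
  if (token) {
    result.authenticated = await request({ "X-MCP-Proxy-Auth": `Bearer ${token}` });
  }
  return result;
}

// Usage: MCP_PROXY_URL=http://127.0.0.1:6277 node probe-inspector.js
// Network access is only attempted when a target is given explicitly.
if (process.env.MCP_PROXY_URL) {
  probe(process.env.MCP_PROXY_URL)
    .then((r) => console.log(JSON.stringify(r)))
    .catch((e) => console.error("probe failed:", e.message));
}
```

A fixed proxy should report `"unauthenticated":"rejected"`; if it reports `"accepted-unauthenticated"`, the running process is still the old version (check that no stale instance is still listening on the port).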
CVE-2025-49596 is a critical remote code execution vulnerability in @modelcontextprotocol/inspector versions before 0.14.1, allowing unauthenticated command execution.
You are affected if you are using @modelcontextprotocol/inspector versions earlier than 0.14.1 in your Node.js environment.
Upgrade to @modelcontextprotocol/inspector version 0.14.1 or later to address the vulnerability. Restrict network access to the inspector proxy as a temporary workaround.
Currently, there are no confirmed active exploits, but the lack of authentication makes it a high-risk vulnerability.
Refer to the official @modelcontextprotocol project repository and related security advisories for updates and further information.