Home

Description

radare2-mcp version 1.6.0 and earlier contains an os command injection vulnerability that allows remote attackers to execute arbitrary commands by bypassing the command filter through shell metacharacters in user-controlled input passed to r2_cmd_str(). Attackers can inject shell metacharacters through the jsonrpc interface parameters to achieve remote code execution on the host running radare2-mcp without requiring authentication.

PUBLISHED Reserved 2026-04-23 | Published 2026-04-23 | Updated 2026-05-25 | Assigner VulnCheck




CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CRITICAL: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-78 Improper neutralization of special elements used in an OS command ('OS command injection')

Product status

Default status
unaffected

Any version before 1.6.0
affected

Credits

Manthan Ghasadiya finder

References

github.com/radareorg/radare2-mcp/issues/45 (Pull Request) technical-description exploit

github.com/...ommit/482cde6500009112a8bc0b3fa8d2ef6180581ec0 (Patch Commit) issue-tracking

www.vulncheck.com/...njection-via-shell-metacharacter-bypass third-party-advisory

cve.org (CVE-2026-6942)

nvd.nist.gov (CVE-2026-6942)

Download JSON