Sign up to save your podcasts
Or
Share Kali Linux's Official MCP Server Has a Textbook Command Injection Vulnerability
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Kali Linux's Official MCP Server Has a Textbook Command Injection Vulnerability
A security researcher found that the mcp-kali-server package - shipped in Kali's official repos - interpolates AI-supplied parameters directly into shell commands with shell=True, enabling trivial arbitrary command execution.
View all episodes
By Awesome AgentsA security researcher found that the mcp-kali-server package - shipped in Kali's official repos - interpolates AI-supplied parameters directly into shell commands with shell=True, enabling trivial arbitrary command execution.