Remote Code Execution Vulnerability in win-cli-mcp-server
CVE-2025-11202

9.8CRITICAL

Key Information:

Vendor: Win-cli-mcp-server
Status: Win-cli-mcp-server
Vendor: CVE Published:; 29 October 2025

🔔 Create Win-cli-mcp-server Vulnerability Alert

What is CVE-2025-11202?

A remote code execution vulnerability exists in the win-cli-mcp-server due to inadequate validation of user-supplied strings within the resolveCommandPath method. This flaw allows remote attackers to execute arbitrary code on affected installations without requiring authentication. Successful exploitation can lead to unauthorized actions executed in the context of the service account, posing significant security risks.

Affected Version(s)

win-cli-mcp-server 215f0cc4ed0c21ce028246c19ebfa32f5b3f7848

References

https://www.zerodayinitiative.com/advisories/ZDI-25-930/

x_research-advisory

https://github.com/simon-ami/win-cli-mcp-server/commit/52...

vendor-advisory

CVSS V3.0

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 29, 2025
Vulnerability Reserved
Sep 30, 2025

JSON