Remote OS Command Injection in Agno-Agi Product
CVE-2025-8665

5.3MEDIUM

Key Information:

Vendor: Agno-agi
Status: Agno
Vendor: CVE Published:; 6 August 2025

What is CVE-2025-8665?

A vulnerability in the Model Context Protocol Handler of Agno-Agi allows for remote OS command injection through improper manipulation of command arguments in the MCPTools/MultiMCPTools function. This weakness can permit attackers to execute arbitrary commands on the hosting system. Despite notifications to the vendor prior to public disclosure, no response was received, heightening concerns regarding the potential for exploitation of this security flaw.

Affected Version(s)

agno 1.7.0

agno 1.7.1

agno 1.7.2

References

https://vuldb.com/?id.319025

vdb-entrytechnical-description

https://vuldb.com/?ctiid.319025

signaturepermissions-required

https://vuldb.com/?submit.620530

third-party-advisory

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 6, 2025
Vulnerability Reserved
Aug 6, 2025

Credit

bayuncao (VulDB User)