Os Command Injection in A-G-U-P-T-A's Wireshark-MCP Tool
CVE-2026-7785

6.9MEDIUM

Key Information:

Vendor

A-g-u-p-t-a

Status
Wireshark-mcp
Vendor
CVE Published:
4 May 2026

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2026-7785?

A security vulnerability has been identified in A-G-U-P-T-A's Wireshark-MCP, specifically within the quick_capture function of the pyshark_mcp.py file. This flaw allows for os command injection, potentially enabling remote attackers to execute arbitrary commands. Despite the early identification of this issue through an issue report, there has been no response from the project maintainers. Given that the Wireshark-MCP operates on a rolling release basis, no fixed or updated version information is currently available, which presents ongoing risks to users of the tool.

Affected Version(s)

wireshark-mcp 400c3da70074f22f3cce7ccb65304cafc7089c89

wireshark-mcp edaf604416fbc94a201b4043092d4a1b09a12275

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2026-7785 - Proof of Concept

References

https://vuldb.com/vuln/360985
vdb-entrytechnical-description
https://vuldb.com/vuln/360985/cti
signaturepermissions-required
https://vuldb.com/submit/807745
third-party-advisory

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

CPT_Penner (VulDB User)
VulDB CNA Team
.