Search criteria
1 vulnerability by A-G-U-P-T-A
CVE-2026-7785 (GCVE-0-2026-7785)
Vulnerability from cvelistv5 – Published: 2026-05-04 23:45 – Updated: 2026-05-05 12:38
VLAI
Title
A-G-U-P-T-A wireshark-mcp pyshark_mcp.py quick_capture os command injection
Summary
A security flaw has been discovered in A-G-U-P-T-A wireshark-mcp edaf604416fbc94a201b4043092d4a1b09a12275/400c3da70074f22f3cce7ccb65304cafc7089c89. This affects the function quick_capture of the file pyshark_mcp.py. The manipulation results in os command injection. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. The project was informed of the problem early through an issue report but has not responded yet.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/360985 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/360985/cti | signaturepermissions-required |
| https://vuldb.com/submit/807745 | third-party-advisory |
| https://github.com/A-G-U-P-T-A/wireshark-mcp/issues/1 | exploitissue-tracking |
| https://github.com/A-G-U-P-T-A/wireshark-mcp/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| A-G-U-P-T-A | wireshark-mcp |
Affected:
400c3da70074f22f3cce7ccb65304cafc7089c89
Affected: edaf604416fbc94a201b4043092d4a1b09a12275 |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-7785",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-05T12:38:48.524391Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-05T12:38:54.717Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "wireshark-mcp",
"vendor": "A-G-U-P-T-A",
"versions": [
{
"status": "affected",
"version": "400c3da70074f22f3cce7ccb65304cafc7089c89"
},
{
"status": "affected",
"version": "edaf604416fbc94a201b4043092d4a1b09a12275"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "CPT_Penner (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in A-G-U-P-T-A wireshark-mcp edaf604416fbc94a201b4043092d4a1b09a12275/400c3da70074f22f3cce7ccb65304cafc7089c89. This affects the function quick_capture of the file pyshark_mcp.py. The manipulation results in os command injection. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-04T23:45:16.986Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-360985 | A-G-U-P-T-A wireshark-mcp pyshark_mcp.py quick_capture os command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/360985"
},
{
"name": "VDB-360985 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/360985/cti"
},
{
"name": "Submit #807745 | A-G-U-P-T-A wireshark-mcp 400c3da70074f22f3cce7ccb65304cafc7089c89 Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/807745"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/A-G-U-P-T-A/wireshark-mcp/issues/1"
},
{
"tags": [
"product"
],
"url": "https://github.com/A-G-U-P-T-A/wireshark-mcp/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-04T18:09:41.000Z",
"value": "VulDB entry last update"
}
],
"title": "A-G-U-P-T-A wireshark-mcp pyshark_mcp.py quick_capture os command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-7785",
"datePublished": "2026-05-04T23:45:16.986Z",
"dateReserved": "2026-05-04T16:04:35.270Z",
"dateUpdated": "2026-05-05T12:38:54.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}