PT-2025-28662 · Unknown · Mcp-Server-Kubernetes

Dellalibera · Published 2025-06-29 · Updated 2025-07-09 · CVE-2025-53355

CVSS v2.0: 7.6 (High), Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: MCP Server Kubernetes versions prior to 2.5.0
Description: MCP Server Kubernetes is vulnerable to command injection because input parameters are used unsanitized in a call to child_process.execSync. This allows an attacker to inject arbitrary system commands, potentially leading to remote code execution with the privileges of the server process. The vulnerability exists because the server builds shell command strings directly from unvalidated user input, so shell metacharacters in that input are interpreted by the shell. It can be triggered through indirect prompt injection via pod logs or by directly crafting malicious input to the kubectl scale tool.
Recommendations: MCP Server Kubernetes versions prior to 2.5.0: Upgrade to version 2.5.0 or later to resolve this vulnerability. As a temporary workaround, avoid using child_process.execSync with untrusted input. Consider using child_process.execFileSync instead, which takes the arguments as a separate array and does not pass them through a shell.

Tags: Exploit · Fix · RCE · Command Injection

Weakness Enumeration

Related Identifiers

BDU:2026-00234
CVE-2025-53355
GHSA-GJV4-GHM7-Q58Q

Affected Products

Mcp-Server-Kubernetes