PT-2026-37305 · Unknown · Wireshark-Mcp

Bx33661 · Published 2026-05-05 · Updated 2026-05-12 · CVE-2026-43901

CVSS v3.1: 6.8 (Medium)

Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

wireshark-mcp versions 1.1.5 and earlier

Description

wireshark-mcp exposes a wireshark export objects tool that accepts an attacker-controlled dest_dir parameter and passes it to the --export-objects flag of tshark without mandatory path restrictions. By default, the path sandbox allowed dirs is set to None, which allows any directory on the filesystem to be used as an export destination. This issue also affects the merge pcap files, editcap trim, editcap split, editcap time shift, editcap deduplicate, and text2pcap import operations. An attacker could potentially use prompt injection within a pcap payload to manipulate an AI model into writing files to sensitive locations, such as /home/user/.ssh/ or /etc/cron.d/.

Recommendations

For versions 1.1.5 and earlier, set the WIRESHARK_MCP_ALLOWED_DIRS environment variable to a restricted safe directory before starting the server. This activates the sandbox and blocks writes outside the allowed path.
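
The following is an added example, not code from wireshark-mcp or from the advisory: a minimal sketch of a deny-by-default destination check of the kind the recommendation activates. The function names, the os.pathsep separator and the underscore spelling of the variable name are assumptions; unlike the default described above, an unset variable here permits nothing.

```python
import os
import tempfile
from pathlib import Path

# Variable name as given in the advisory (underscore spelling assumed).
ENV_VAR = "WIRESHARK_MCP_ALLOWED_DIRS"


def load_allowed_dirs(environ):
    """Parse the allow-list. Unset or empty yields an empty list, i.e. deny all."""
    raw = environ.get(ENV_VAR, "")
    # Assumption: entries are separated by os.pathsep (":" on POSIX).
    return [Path(p).resolve() for p in raw.split(os.pathsep) if p.strip()]


def dest_dir_allowed(dest_dir, allowed_dirs):
    """True only if dest_dir resolves to a location inside an allowed directory."""
    # resolve() collapses ".." and follows symlinks, so the real target is compared.
    resolved = Path(dest_dir).resolve()
    # Compare path components, not string prefixes ("/x/exports_old" is not in "/x/exports").
    return any(resolved == base or base in resolved.parents for base in allowed_dirs)


def demo():
    """Run constructed cases in a temporary tree; returns {case: allowed?}."""
    with tempfile.TemporaryDirectory() as tmp:
        safe, other = Path(tmp, "exports"), Path(tmp, "other")
        safe.mkdir()
        other.mkdir()
        (safe / "link").symlink_to(other, target_is_directory=True)
        allowed = load_allowed_dirs({ENV_VAR: str(safe)})
        return {
            "inside": dest_dir_allowed(safe / "run1", allowed),
            "dotdot": dest_dir_allowed(safe / ".." / "other", allowed),
            "symlink": dest_dir_allowed(safe / "link" / "x", allowed),
            "prefix": dest_dir_allowed(str(safe) + "_old", allowed),
            "unset": dest_dir_allowed(safe, load_allowed_dirs({})),
        }


if __name__ == "__main__":
    print(demo())
```

A check like this is only effective if the resolved path it approved is the same path handed to the external tool, and if it is applied to every operation that writes output, not only object export.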

Exploit

Fix

Path traversal


Weakness Enumeration

Related Identifiers

CVE-2026-43901
GHSA-3R68-X3XC-RXPG

Affected Products

Wireshark-Mcp