Security vulnerabilities in MCP Server related to subprocess execution

Glama

Search for:

Security vulnerabilities in MCP Server related to subprocess execution

View all MCP Servers

Why this server?
This server explicitly allows 'any and all command execution over CMD', which directly addresses the user's concern about subprocess.run, execFile, and exec as potential risks for arbitrary command execution.
cmd-mcp-server
PhialsBasement
A
security
A
license
A
quality
MCP server allowing any and all command execution over CMD
Last updated -
2
27
21
MIT License
Why this server?
This server is 'intentionally vulnerable' and designed for security research, explicitly mentioning 'executes SQL queries or shell commands without restrictions'. This is a direct match for the user's query about potential risks like `subprocess.run`.
Vulnerable MCP Server
evrenyal
-
security
F
license
-
quality
Intentionally vulnerable Model Context Protocol (MCP) server designed for security research that processes natural language queries through an LLM to execute SQL queries or shell commands without restrictions.
Last updated -
3
Why this server?
This server is 'deliberately vulnerable' and demonstrates 'arbitrary code execution', which is precisely the type of risk the user is asking about in relation to functions like `exec` and `subprocess.run`.
Damn Vulnerable MCP Server Demo
pfelilpe
A
security
A
license
A
quality
A vulnerable MCP server implementation that demonstrates how poor coding practices can lead to security issues like Remote Code Execution, designed for educational purposes to add numbers.
Last updated -
1
2
MIT License
Why this server?
This server provides 'unrestricted system access to Windows environments with SYSTEM-level privileges, allowing complete control over files, processes, and configuration settings'. This represents a significant potential risk for arbitrary command and code execution.
Super Windows CLI MCP Server
Faucet94
A
security
A
license
A
quality
A command-line interface server that provides unrestricted system access to Windows environments with SYSTEM-level privileges, allowing complete control over files, processes, and configuration settings.
Last updated -
4
295
MIT License
Why this server?
This server explicitly enables LLMs to 'safely execute shell commands with error handling and timeout settings'. While it mentions safety measures, the core functionality of executing shell commands (like `subprocess.run`) is the potential risk the user is inquiring about.
Simple Subprocess MCP Server
yonaka15
A
security
F
license
A
quality
A Model Context Protocol server that enables LLM applications to safely execute shell commands with error handling and timeout settings.
Last updated -
1
Why this server?
This server provides 'secure shell command execution capabilities, allowing AI models like Claude to run shell commands'. The ability to run shell commands is a direct match for the user's keywords and a potential area of risk.
Shell MCP Server
hdresearch
A
security
A
license
A
quality
A Node.js implementation of the Model Context Protocol that provides secure shell command execution capabilities, allowing AI models like Claude to run shell commands in a controlled environment with built-in security measures.
Last updated -
1
154
36
MIT License
Why this server?
This server enables 'remote execution of shell commands across different operating systems'. Remote execution of commands is a significant risk factor, directly relevant to the user's query.
Remote Command MCP Server
deepsuthar496
A
security
A
license
A
quality
A Model Context Protocol server that enables remote execution of shell commands across different operating systems, automatically handling platform-specific differences between Windows and Unix-like systems.
Last updated -
1
MIT License
Why this server?
This server provides a 'persistent Python REPL environment...allowing execution of Python code, variable management, and package installation'. Direct code execution is a clear potential risk.
Python REPL MCP Server
hdresearch
A
security
A
license
A
quality
A server that provides a persistent Python REPL environment through the MCP protocol, allowing execution of Python code, variable management, and package installation.
Last updated -
3
27
MIT License
Why this server?
This server provides a 'secure, isolated JavaScript execution environment...for safely running code from Claude'. Similar to Python, direct JavaScript code execution poses a risk, even with sandboxing.
JavaScript Sandbox MCP Server
garc33
A
security
F
license
A
quality
Provides a secure, isolated JavaScript execution environment with configurable time and memory limits for safely running code from Claude.
Last updated -
1
27
5
Why this server?
This tool allows 'penetration testing through Kali Linux commands executed...supporting security testing operations like SQL injection and command execution'. The use of penetration testing tools and command execution directly points to the types of risks mentioned.
Kali Linux MCP Server
sfz009900
A
security
F
license
A
quality
A tool that allows penetration testing through Kali Linux commands executed via a Multi-Conversation Protocol server, supporting security testing operations like SQL injection and command execution.
Last updated -
5
43