Description
Wireshark MCP is an MCP Server that turns tshark into a structured analysis interface, then layers in optional Wireshark suite utilities. In 1.1.5 and earlier, wireshark-mcp exposes a wireshark_export_objects MCP tool that accepts an attacker-controlled dest_dir parameter and passes it to tshark's --export-objects flag with no mandatory path restriction. The path sandbox (_allowed_dirs) is None by default and only activates when the environment variable WIRESHARK_MCP_ALLOWED_DIRS is explicitly set. In a default installation, any directory on the filesystem can be used as the export destination.
Published: 2026-05-11
Score: 6.8 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Wireshark MCP's export_objects tool accepts an attacker‑controlled destination directory and forwards it to tshark’s --export-objects flag without enforcing any path restrictions. This capability allows an attacker to write files to any location on the host filesystem, resulting in arbitrary file overwrite or creation. The vulnerability aligns with CWE‑22, where directory traversal or lack of proper checks permits untrusted inputs to produce unintended file system access.

Affected Systems

The affected product is Wireshark‑MCP (bx33661) version 1.1.5 and earlier. In a default installation the allowed‑dirs sandbox is disabled unless the environment variable WIRESHARK_MCP_ALLOWED_DIRS is set, meaning any user with access to the MCP server could target arbitrary directories on the host system.

Risk and Exploitability

The CVSS score of 6.8 indicates medium severity. No EPSS score is available, so the current exploitation probability is unknown; the vulnerability is not listed in the CISA KEV catalog. An attacker who can communicate with the MCP server can exploit the flaw remotely by sending a crafted dest_dir parameter; successful exploitation grants write access to sensitive files or the ability to create malicious files, potentially leading to privilege escalation or persistence. The lack of a mandatory path restriction makes the attack straightforward, but the impact depends on the privileges of the MCP process and the configuration of the host.

Generated by OpenCVE AI on May 11, 2026 at 23:38 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Wireshark‑MCP to a version that removes the unfiltered dest_dir handling (any release newer than 1.1.5, to be verified against vendor advisories).
  • Configure the WIRESHARK_MCP_ALLOWED_DIRS environment variable to a strict directory list so that all exports are confined to safe locations and the path sandbox is active.
  • Restrict network access to the MCP server and disable the export_objects capability for users who do not require it, ensuring only trusted remote endpoints can invoke the command.
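The allowlist in the second action only helps if an unset variable means "refuse" rather than "allow everything". The Python check below is an added example, not wireshark-mcp's own code: the function names and the os.pathsep-separated format of the variable are assumptions, and the sample paths are constructed under a temporary directory.

```python
import os
import tempfile
from pathlib import Path

ENV_VAR = "WIRESHARK_MCP_ALLOWED_DIRS"  # variable name taken from the advisory


def load_allowed_dirs(environ=os.environ):
    """Resolved allowlist roots, or None when unset (assumed os.pathsep-separated)."""
    raw = environ.get(ENV_VAR, "")
    roots = [Path(p).resolve() for p in raw.split(os.pathsep) if p.strip()]
    return roots or None


def check_dest_dir(dest_dir, allowed_dirs, fail_closed=True):
    """Return the resolved export directory or raise PermissionError.

    fail_closed=False reproduces the default the advisory describes: with
    no allowlist configured, every destination is accepted.
    """
    # resolve() collapses ".." and follows symlinks, so the comparison uses
    # the location tshark would actually write to.
    resolved = Path(dest_dir).resolve()
    if allowed_dirs is None:
        if fail_closed:
            raise PermissionError(f"{ENV_VAR} is not set; export refused")
        return resolved
    # Compare path components, not string prefixes ("exports" != "exports_old").
    if any(resolved == r or r in resolved.parents for r in allowed_dirs):
        return resolved
    raise PermissionError(f"{resolved} is outside the allowed directories")


def demo():
    """Check constructed destinations against a temporary allowlist root."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp).resolve() / "exports"
        root.mkdir()
        allowed = load_allowed_dirs({ENV_VAR: str(root)})
        cases = {"inside": root / "case1", "traversal": root / ".." / "other",
                 "sibling": Path(str(root) + "_old")}
        results = {}
        for label, dest in cases.items():
            try:
                check_dest_dir(dest, allowed)
                results[label] = "allowed"
            except PermissionError:
                results[label] = "denied"
        return results
```

The check should run on every call that reaches tshark's --export-objects, before the directory is created.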



Advisories

Source: GitHub GHSA
ID: GHSA-3r68-x3xc-rxpg
Title: wireshark-mcp vulnerable to arbitrary file write via export_objects when WIRESHARK_MCP_ALLOWED_DIRS is not configured

History

Tue, 12 May 2026 10:45:00 +0000

Values added:
First Time appeared: Bx33661; Bx33661 wireshark-mcp
Vendors & Products: Bx33661; Bx33661 wireshark-mcp

Mon, 11 May 2026 22:30:00 +0000

Values added:
Description: Wireshark MCP is an MCP Server that turns tshark into a structured analysis interface, then layers in optional Wireshark suite utilities. In 1.1.5 and earlier, wireshark-mcp exposes a wireshark_export_objects MCP tool that accepts an attacker-controlled dest_dir parameter and passes it to tshark's --export-objects flag with no mandatory path restriction. The path sandbox (_allowed_dirs) is None by default and only activates when the environment variable WIRESHARK_MCP_ALLOWED_DIRS is explicitly set. In a default installation, any directory on the filesystem can be used as the export destination.
Title: Wireshark MCP: Arbitrary file write via export_objects when WIRESHARK_MCP_ALLOWED_DIRS is not configured
Weaknesses: CWE-22
References
Metrics: cvssV3_1 {'score': 6.8, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-11T21:51:41.387Z

Reserved: 2026-05-04T16:11:33.085Z

Link: CVE-2026-43901

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-11T23:20:21.697

Modified: 2026-05-11T23:20:21.697

Link: CVE-2026-43901

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-12T09:22:15Z

Weaknesses