CVE-2025-10619

Summary

A vulnerability was detected in sequa-ai sequa-mcp up to 1.0.13. This affects the function redirectToAuthorization of the file src/helpers/node-oauth-client-provider.ts of the component OAuth Server Discovery. Performing manipulation results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. Upgrading to version 1.0.14 is able to mitigate this issue. The patch is named e569815854166db5f71c2e722408f8957fb9e804. It is recommended to upgrade the affected component. The vendor explains: "We only promote that mcp server with our own URLs that have a valid response, but yes if someone would use it with a non sequa url, this is a valid attack vector. We have released a new version (1.0.14) that fixes this and validates that only URLs can be opened."

Affected Software

VendorProductVersion RangeStatus
sequa-aisequa-mcp1.0.0affected
sequa-aisequa-mcp1.0.1affected
sequa-aisequa-mcp1.0.2affected
sequa-aisequa-mcp1.0.3affected
sequa-aisequa-mcp1.0.4affected
sequa-aisequa-mcp1.0.5affected
sequa-aisequa-mcp1.0.6affected
sequa-aisequa-mcp1.0.7affected
sequa-aisequa-mcp1.0.8affected
sequa-aisequa-mcp1.0.9affected
sequa-aisequa-mcp1.0.10affected
sequa-aisequa-mcp1.0.11affected
sequa-aisequa-mcp1.0.12affected
sequa-aisequa-mcp1.0.13affected
sequa-aisequa-mcp1.0.14unaffected

Weaknesses

  • CWE-78: OS Command Injection
  • CWE-77: Command Injection

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

Additional References

References