Overview
The CVE-2025-53372 vulnerability refers to a critical flaw found in the node-code-sandbox-mcp, a Node.js-based Model Context Protocol server. This vulnerability, if successfully exploited, can lead to remote code execution, compromising the host system and potentially leading to data leakage. This vulnerability affects all versions of node-code-sandbox-mcp prior to 1.3.0.
Vulnerability Summary
CVE ID: CVE-2025-53372
Severity: High, CVSS: 7.5
Attack Vector: Network
Privileges Required: None
User Interaction: None
Impact: Remote Code Execution, Potential System Compromise, and Data Leakage
Affected Products
Escape the Surveillance Era
Most apps won’t tell you the truth.
They’re part of the problem.
Phone numbers. Emails. Profiles. Logs.
It’s all fuel for surveillance.
Ameeba Chat gives you a way out.
- • No phone number
- • No email
- • No personal info
- • Anonymous aliases
- • End-to-end encrypted
Chat without a trace.
Product | Affected Versions
node-code-sandbox-mcp | < 1.3.0 How the Exploit Works
The vulnerability exists due to the unsanitized use of input parameters within a call to child_process.execSync. This allows an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process’s privileges on the host machine, bypassing the sandbox protection of running code inside docker.
Conceptual Example Code
Here’s a conceptual example of how an attacker might exploit this vulnerability:
// Attacker uses unsanitized input to pass malicious command
var payload = "`touch /tmp/arbitrary-file`";
// The unsanitized input is passed to child_process.execSync
require('child_process').execSync(payload);In this example, if the payload is executed, an arbitrary file would be created in the /tmp directory, demonstrating the ability to execute arbitrary commands.
