FastMCP Command Injection Vulnerability in Cursor Installer on Windows
Vulnerability
A command injection vulnerability has been identified in FastMCP versions prior to 2.13.0. It allows an attacker to execute arbitrary operating system commands on Windows hosts running FastMCP. The issue arises because the value of the server_name field is embedded directly into a command string that is then executed through the shell; shell metacharacters in that value escape the intended command context and can start additional, attacker-chosen processes.
Impact
Exploitation of this vulnerability allows for OS command injection, with the potential to execute arbitrary commands on the affected Windows system.
Reproduction
To reproduce this vulnerability, create a Python script that uses the FastMCP framework. In the script, set the server_name parameter to include command metacharacters, such as '&', which can be used to escape the command execution context. Then, run the FastMCP command 'fastmcp install cursor' with the crafted script as the argument. This will trigger the command injection by executing the embedded commands on the Windows host.
Remediation
Users are advised to update FastMCP to version 2.13.0 or later, where this vulnerability has been fixed.
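The following Python snippet is an added illustration of the defect class this advisory describes and of the corresponding fix; it is not FastMCP's installer code. It assumes a launcher that starts a server script with a --name argument (an assumption) and contrasts the unsafe pattern (interpolating server_name into one string that is later run through the shell) with a hardened one (an allow-listed name passed as a separate argv element with shell=False). A deny-list check for cmd.exe metacharacters is included because it is handy for detection and logging, although the allow-list is the control that should actually gate the value.

```python
import re
import subprocess
from typing import List

# Allow-list for server names: a conservative identifier alphabet.
# This pattern is an assumption made for the example, not a FastMCP rule.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,63}")

# Characters cmd.exe treats as separators, redirections, escapes or
# variable expansion; any of them changes the meaning of a shell string.
CMD_METACHARS = set('&|<>^%"\r\n')


def vulnerable_launch_command(script_path: str, server_name: str) -> str:
    """Unsafe pattern (assumed shape, for illustration only): the untrusted
    name is interpolated into a single string that is later executed via the
    shell (shell=True or os.system). On Windows a '&' inside server_name ends
    the intended command and starts another one."""
    return f'python "{script_path}" --name {server_name}'


def is_safe_server_name(name: str) -> bool:
    """Allow-list check: True only for names made of the permitted alphabet."""
    return SAFE_NAME.fullmatch(name) is not None


def contains_cmd_metachars(value: str) -> bool:
    """Deny-list check, useful for detection/logging, not as the sole defence."""
    return any(ch in CMD_METACHARS for ch in value)


def safe_launch_argv(script_path: str, server_name: str) -> List[str]:
    """Hardened pattern: validate the name, then build an argv list. Each
    element reaches the child process as one argument and is never parsed
    by cmd.exe, so metacharacters cannot create a second command."""
    if not is_safe_server_name(server_name):
        raise ValueError(f"rejected server_name: {server_name!r}")
    return ["python", script_path, "--name", server_name]


def safe_launch(script_path: str, server_name: str) -> subprocess.CompletedProcess:
    """Run the launcher without a shell; the argv list is passed as-is."""
    argv = safe_launch_argv(script_path, server_name)
    return subprocess.run(argv, shell=False, check=False)


if __name__ == "__main__":
    # Constructed input containing the '&' metacharacter named in the advisory.
    crafted = "demo & echo injected"
    print("unsafe string:", vulnerable_launch_command("server.py", crafted))
    print("metachars present:", contains_cmd_metachars(crafted))
    try:
        safe_launch_argv("server.py", crafted)
    except ValueError as exc:
        print("hardened path rejected it:", exc)
    print("accepted argv:", safe_launch_argv("server.py", "demo"))
```

Note that quoting helpers such as shlex.quote target POSIX shells and do not make a string safe for cmd.exe; the reliable fix on Windows is to avoid the shell entirely and pass an argument list, as safe_launch does, in addition to validating the value before it is ever written into a launcher configuration.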