CVE-2025-35028: HexStrike AI MCP Server Command Injection

AHA! has discovered an issue with HexStrike AI from 0x4m4, and is issuing this disclosure in accordance with AHA!’s standard disclosure policy on November 30, 2025. CVE-2025-35028 has been assigned to this issue. Any questions about this disclosure should be directed to [email protected].

The GCVE identifier for this issue is GCVE-1337-2025-00000000000000000000000000000000000000000000000000111111111111111111111111000000000000000000000000000000000000000000000000000000011

Executive Summary

HexStrike AI is a fairly popular model context protocol (MCP) server, having collected about five thousand stars on GitHub at the time of this disclosure, and has been forked over a thousand times. It is billed as an “AI-Powered MCP Cybersecurity Automation Platform,” and is likely shipping as part of other AI security products.

CVE-2025-35021: Abilis CPX Fallback Shell Connection Relay

AHA! has discovered an issue with Abilis CPX devices, and is publishing this disclosure in accordance with runZero’s standard disclosure policy today, November 3, 2025. CVE-2025-35021 has been assigned to this issue. Any questions about this disclosure should be directed to [email protected].

The GCVE identifier for this issue is GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111111111011111111110000000000000000000000000000000000000000000000000000000100

Executive Summary

By failing to authenticate three times to an unconfigured Abilis CPX device via SSH, an attacker can login to a restricted shell on the fourth attempt, and from there, relay connections. This issue is an instance of CWE-1188, ‘Initialization of a Resource with an Insecure Default,’ and is estimated to have a CVSS 3.1 score of 6.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N). The relevant SSVC vectors for this vulnerability are Exploitation: PoC and Technical Impact: Partial.

CVE-2025-35027: Unitree Robotics wpa_supplicant_restart.sh Command Injection

AHA! has discovered an issue with the Go2, G1, H1, and B2 series robots (which includes both the quadraped and biped model lines) from Unitree, and is issuing this disclosure in accordance with AHA!’s standard disclosure policy on Friday, September 26, 2025. CVE-2025-35027 has been assigned to this issue.

Any questions about this disclosure should be directed to [email protected].

The GCVE identifier for this issue is GCVE-1337-2025-00000000000000000000000000000000000000000000000001011011111110011111111110000000000000000000000000000000000000000000000000000000010

CVE-2025-8452: Brother Printer Serial Number Disclosure

AHA! has discovered an issue with multi-function printer (MFP) firmware from Brother, and is issuing this disclosure in accordance with AHA!’s standard disclosure policy on Thursday, August 14, 2025. CVE-2025-8452 has been assigned to this issue.

The GCVE identifier for this issue is GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001

Any questions about this disclosure should be directed to [email protected].

Executive Summary

Brother printer firmware advertises the serial number of the device over the network via the “uscan” protocol in its implementation of the eSCL specification. While serial numbers are rarely considered sensitive, in this case, the serial number can be used to derive the default administrator password of the device. Therefore, this is an instance of CWE-538:  Insertion of Sensitive Information into Externally-Accessible File or Directory, and we estimate the CVSS 3.1 rating to be 4.3 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) .

CVE-2025-32455: ON Semiconductor Quantenna router_command.sh run_cmd Argument Injection

AHA! has discovered an issue with Quantenna Wi-Fi chips from ON Semiconductor, and is issuing this disclosure in accordance with AHA!’s standard disclosure policy on June 8, 2025. CVE-2025-32455 has been assigned to this issue.

Any questions about this disclosure should be directed to [email protected].

Executive Summary

Quantenna Wi-Fi chips ship with a local control script that is vulnerable to command injection. This is an instance of CWE-88, “Improper Neutralization of Argument Delimiters in a Command (‘Argument Injection’),” and is estimated as a CVSS 7.7.