Unauthenticated Remote Code Execution via P2P Sharing in ZAI-Shell

8.8 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Description

ZAI Shell is an autonomous SysOps agent designed to navigate, repair, and secure complex environments. Prior to 9.0.3, the P2P terminal sharing feature (share start) opens a TCP socket on port 5757 without any authentication mechanism. Any remote attacker can connect to this port using a simple socket script. An attacker who connects to a ZAI-Shell P2P session running in --no-ai mode can send arbitrary system commands. If the host user approves the command without reviewing its contents, the command executes directly with the user's privileges, bypassing all Sentinel safety checks. This vulnerability is fixed in 9.0.3.

AI Analysis

Unauthenticated remote code execution via P2P sharing in ZAI-Shell

Basic Information

ID CVE-2026-25807

Source GitHub_M

Published Feb 9, 2026 at 21:46

Affected Product

Vendor TaklaXBR

Product zai-shell

Version < 9.0.3

Affected Versions TaklaXBR zai-shell < 9.0.3

CWE Classification

CWE-94

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor TaklaXBR

Product ZAI Shell

Version < 9.0.3

References

{
    "lastseen": "",
    "description": "ZAI Shell is an autonomous SysOps agent designed to navigate, repair, and secure complex environments. Prior to 9.0.3, the P2P terminal sharing feature (share start) opens a TCP socket on port 5757 without any authentication mechanism. Any remote attacker can connect to this port using a simple socket script. An attacker who connects to a ZAI-Shell P2P session running in --no-ai mode can send arbitrary system commands. If the host user approves the command without reviewing its contents, the command executes directly with the user's privileges, bypassing all Sentinel safety checks. This vulnerability is fixed in 9.0.3.",
    "published": "2026-02-09T21:46:20.164Z",
    "modified": "2026-02-09T21:46:20.164Z",
    "type": "cve",
    "title": "Unauthenticated Remote Code Execution via P2P Sharing in ZAI-Shell",
    "source": "GitHub_M",
    "references": "https://github.com/TaklaXBR/zai-shell/security/advisories/GHSA-6pjj-r955-34rr\nhttps://github.com/TaklaXBR/zai-shell/commit/a4ea8525d912f55d6e2f09b2869966c52d189a4a\nhttps://github.com/TaklaXBR/zai-shell/releases/tag/v9.0.3",
    "id": "CVE-2026-25807",
    "bulletinFamily": "",
    "cwe": [
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "TaklaXBR zai-shell < 9.0.3",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "zai-shell",
    "version": "< 9.0.3",
    "vendor": "TaklaXBR",
    "ai_description": "Unauthenticated remote code execution via P2P sharing in ZAI-Shell",
    "ai_severity": "High",
    "ai_vendor": "TaklaXBR",
    "ai_product": "ZAI Shell",
    "ai_version": "< 9.0.3",
    "ai_score": 8.8
}

Unauthenticated Remote Code Execution via P2P Sharing in ZAI-Shell_CVE-2026-25807