CVE-2025-54377 – CVE-2025-54377 is a command injection vulnerabi... (How to Fix)

Q: What is the severity of CVE-2025-54377?

CVE-2025-54377 has a CVSS score of 7.8 (HIGH). CVE-2025-54377 is a command injection vulnerability in Roo Code AI coding agent that allows bypassing allow-list restrictions via line break characters. Attackers can smuggle unauthorized commands by injecting newline characters in command input. This affects all users running Roo Code versions 3.23.18 and below.

📋 TL;DR

CVE-2025-54377 is a command injection vulnerability in Roo Code AI coding agent that allows bypassing allow-list restrictions via line break characters. Attackers can smuggle unauthorized commands by injecting newline characters in command input. This affects all users running Roo Code versions 3.23.18 and below.

💻 Affected Systems

Products:

Roo Code AI coding agent

Versions: 3.23.18 and below

Operating Systems: All platforms where Roo Code runs

Default Config Vulnerable: ⚠️ Yes

Notes: All installations with default settings are vulnerable. The vulnerability exists in the command parsing logic regardless of configuration.

📦 What is this software?

Roo Code by Roocode

View all CVEs affecting Roo Code →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise through arbitrary command execution, potentially leading to data theft, ransomware deployment, or complete host takeover.

🟠

Likely Case

Limited command execution within the user's context, potentially accessing sensitive files, modifying code, or establishing persistence.

🟢

If Mitigated

Commands limited to allow-list functionality only, with no unauthorized execution possible.

🌐 Internet-Facing: MEDIUM - Requires user interaction with the editor/agent, but could be exploited through malicious code suggestions or AI interactions.

🏢 Internal Only: HIGH - Developers using vulnerable versions are at risk from both intentional exploitation and accidental misuse.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires user interaction with the Roo Code agent, but the injection technique is simple once access is obtained.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.23.19

Vendor Advisory: https://github.com/RooCodeInc/Roo-Code/security/advisories/GHSA-p278-52x9-cffx

Restart Required: Yes

Instructions:

1. Update Roo Code to version 3.23.19 or later. 2. Restart your editor/IDE. 3. Verify the update completed successfully.

🔧 Temporary Workarounds

Disable command execution

all

Temporarily disable Roo Code's command execution features until patched.

Check Roo Code settings for command execution options and disable them

Restrict to trusted sources

all

Only use Roo Code with trusted codebases and avoid unknown or untrusted inputs.

🧯 If You Can't Patch

Isolate Roo Code usage to development environments with limited network access and minimal privileges.
Implement strict monitoring of command execution and alert on unusual patterns or unexpected commands.

🔍 How to Verify

Check if Vulnerable:

Check Roo Code version in your editor/IDE settings. If version is 3.23.18 or below, you are vulnerable.

Check Version:

Check within your editor's Roo Code extension settings or run: roo --version if CLI is available

Verify Fix Applied:

After updating, verify version is 3.23.19 or higher and test that multi-line command injection is no longer possible.

📡 Detection & Monitoring

Log Indicators:

Unusual command execution patterns
Commands containing newline characters in Roo Code logs
Commands not matching allow-list patterns

Network Indicators:

Unexpected outbound connections from development machines
Unusual data exfiltration patterns

SIEM Query:

Search for Roo Code process execution with suspicious arguments or commands containing newline characters

📊 Metadata

CVE ID: CVE-2025-54377

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-77

EPSS Score: 0.05% exploit probability (14.5th percentile)

Published: July 23, 2025

Last Updated: September 11, 2025

🔗 References

https://github.com/RooCodeInc/Roo-Code/commit/9d434c2db9b20eb5c78b698cb2b0037cd2074534 Patch
https://github.com/RooCodeInc/Roo-Code/security/advisories/GHSA-p278-52x9-cffx Exploit,Vendor Advisory
https://github.com/RooCodeInc/Roo-Code/security/advisories/GHSA-p278-52x9-cffx Exploit,Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-54377, you might also want to check these: