docker-api-unauthorized-rce: docker api未授权访问rce

日期: 2025-08-01 | 影响软件: docker-api | POC: 已公开

漏洞描述

docker api未授权访问rce fofa: port=2375 && protocol=="docker"

PoC代码[已公开]

id: docker-api-unauthorized-rce

info:
  name: docker api未授权访问rce
  author: j4ckzh0u
  severity: critical
  description: |-
    docker api未授权访问rce
    fofa: port=2375 && protocol=="docker"
  reference:
    - https://github.com/vulhub/vulhub/tree/master/docker/unauthorized-rce
  tags: docker,rce
  created: 2023/08/13

rules:
  r0:
    request:
      method: GET
      path: /info
    expression: response.status == 200 && response.content_type.contains("json") && response.body.bcontains(b"KernelVersion") && response.body.bcontains(b"RegistryConfig") && response.body.bcontains(b"DockerRootDir")
expression: r0()
来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/vulnerability/docker-api-unauthorized-rce.yaml