docker-api-unauthorized-rce: docker api未授权访问rce

日期: 2025-09-01 | 影响软件: docker api | POC: 已公开

漏洞描述

docker api未授权访问rce fofa-query: port=2375 && protocol=="docker"

PoC代码[已公开]

id: docker-api-unauthorized-rce

info:
  name: docker api未授权访问rce
  author: j4ckzh0u(https://github.com/j4ckzh0u)
  severity: critical
  description: |
    docker api未授权访问rce
    fofa-query: port=2375 && protocol=="docker"
  reference:
    - https://github.com/vulhub/vulhub/tree/master/docker/unauthorized-rce
    

rules:
    r0:
        request:
            method: GET
            path: /info
        expression: response.status == 200 && response.content_type.contains("json") && response.body.bcontains(b"KernelVersion") && response.body.bcontains(b"RegistryConfig") && response.body.bcontains(b"DockerRootDir")
expression: r0()
来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/vulnerability/docker-api-unauthorized-rce.yaml

相关漏洞推荐