exposed-dockerd: Docker Daemon Exposed

日期: 2025-08-01 | 影响软件: Docker | POC: 已公开

漏洞描述

Docker Daemon exposed on the network map can help remote attacker to gain access to the Docker containers and potentially the host system.

PoC代码[已公开]

id: exposed-dockerd

info:
  name: Docker Daemon Exposed
  author: arafatansari
  severity: critical
  description: |
    Docker Daemon exposed on the network map can help remote attacker to gain access to the Docker containers and potentially the host system.
  metadata:
    verified: true
    max-request: 1
    shodan-query: port:2375 product:"docker"
  tags: network,docker,exposure,tcp,discovery
tcp:
  - inputs:
      - data: "Docker:\nVersion:\n"

    host:
      - "{{Hostname}}"
    port: 2375

    matchers:
      - type: word
        words:
          - "Server: Docker"
# digest: 490a00463044022061fd5ab7766f85ac7d69b636e92787c9e974d9845964f9ab843b4b1e3719a53f02207ba219a6c72250ac9052d089adcbf6704ca90d82e0858230122ed83155b43ad4:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/network/exposures/exposed-dockerd.yaml

相关漏洞推荐