This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **CVE-2026-24841** is a critical **OS Command Injection** flaw in **Dokploy**. It allows attackers to execute arbitrary system commands via the WebSocket endpoint `/docker-container-terminal`.β¦
π‘οΈ **Root Cause**: **CWE-78** (OS Command Injection). The vulnerability stems from improper input sanitization in the `docker-container-terminal.ts` file.β¦
π¦ **Affected**: **Dokploy** versions **prior to 0.26.6**. Specifically, the WebSocket service handling Docker container terminals is the vulnerable component. Ensure you are not running legacy builds.
Q4What can hackers do? (Privileges/Data)
π **Attacker Capabilities**: With this flaw, hackers can execute **any command** on the host OS. This leads to: 1. Full **Root/Admin** access. 2. Exfiltration of sensitive data. 3.β¦
β οΈ **Exploitation Threshold**: **Low to Medium**. The CVSS vector `PR:L` indicates **Low Privileges** are required to exploit (authenticated user). However, `AC:L` means **Low Attack Complexity**.β¦
π **Public Exploits**: Yes. A PoC is available at [CVE-2026-24841_Range](https://github.com/otakuliu/CVE-2026-24841_Range). This simulation range helps test environments.β¦
π **Self-Check**: 1. Check your Dokploy version (`< 0.26.6`). 2. Scan for the WebSocket endpoint `/docker-container-terminal`. 3. Use automated scanners targeting CWE-78 in Node.js/WebSocket services. 4.β¦
β **Official Fix**: **Yes**. The vendor has released a fix. See the GitHub Advisory: [GHSA-vx6x-6559-x35r](https://github.com/Dokploy/dokploy/security/advisories/GHSA-vx6x-6559-x35r). The fix is in commit `74e0bd5`.β¦