CVE-2026-45630— Dokploy: Authenticated Remote Code Execution via Command Injection in updateTraefikConfig Echo Statement
Possible ATT&CK Techniques 2AI
T1203 · Exploitation for Client Execution T1059 · Command and Scripting InterpreterGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-45630
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Dokploy: Authenticated Remote Code Execution via Command Injection in updateTraefikConfig Echo Statement
Source: NVD (National Vulnerability Database)
Vulnerability Description
Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.28.8 and earlier, authenticated OS command injection in the application.updateTraefikConfig tRPC endpoint allows admin/owner users to execute arbitrary system commands on remote servers via unsanitized echo shell interpolation.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Source: NVD (National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-45630
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-45630
请登录查看更多情报信息。
Vendor Advisories for CVE-2026-45630 (1)
Same Patch Batch · Dokploy · 2026-05-29 · 10 CVEs total
| CVE-2026-45631 | 10.0 CRITICAL | Dokploy: Pre-Auth Admin Takeover via Hardcoded Authentication Secret |
| CVE-2026-45663 | 9.9 CRITICAL | Dokploy: Remote Code Execution via destinationPath in Container File Upload |
| CVE-2026-45629 | 9.9 CRITICAL | Dokploy: Authenticated Remote Code Execution via Command Injection in /listen-deployment W |
| CVE-2026-45632 | 9.9 CRITICAL | Dokploy: Schedule Authorization Bypass Enables Host/Server Command Execution |
| CVE-2026-45661 | 9.9 CRITICAL | Dokploy: Remote Code Execution through Path Traversal |
| CVE-2026-45633 | 9.9 CRITICAL | Dokploy: Command Injection in /docker-container-logs Endpoint |
| CVE-2026-45628 | 9.6 CRITICAL | Dokploy: Command Injection via Unescaped Branch Fields in Deployment Pipeline |
| CVE-2026-45662 | 8.8 HIGH | Dokploy: Command Injection via incomplete shell escaping in docker logout (registry deleti |
| CVE-2026-43917 | Dokploy: Cross-Organization IDOR - Multiple tRPC endpoints missing activeOrganizationId va |
IV. Related Vulnerabilities
Same product: dokploy
- CVE-2026-45629
Dokploy: Authenticated Remote Code Execution via Command Inj - CVE-2026-43917
Dokploy: Cross-Organization IDOR - Multiple tRPC endpoints m - CVE-2026-45628
Dokploy: Command Injection via Unescaped Branch Fields in De - CVE-2026-45631
Dokploy: Pre-Auth Admin Takeover via Hardcoded Authenticatio - CVE-2026-45632
Dokploy: Schedule Authorization Bypass Enables Host/Server C
Same vendor: Dokploy
- CVE-2026-45629
Dokploy: Authenticated Remote Code Execution via Command Inj - CVE-2026-43917
Dokploy: Cross-Organization IDOR - Multiple tRPC endpoints m - CVE-2026-45628
Dokploy: Command Injection via Unescaped Branch Fields in De - CVE-2026-45631
Dokploy: Pre-Auth Admin Takeover via Hardcoded Authenticatio - CVE-2026-45632
Dokploy: Schedule Authorization Bypass Enables Host/Server C
Same weakness: CWE-78
- CVE-2026-49366
IntelliJ IDEA<2026.1.1文件名补全命令注入漏洞 - CVE-2026-45626
Arcane: OS Command Injection in Volume Browser ListDirectory - CVE-2026-45629
Dokploy: Authenticated Remote Code Execution via Command Inj - CVE-2026-45632
Dokploy: Schedule Authorization Bypass Enables Host/Server C - CVE-2026-45633
Dokploy: Command Injection in /docker-container-logs Endpoin
V. Comments for CVE-2026-45630
No comments yet