关联漏洞
标题:
Docker Desktop 安全漏洞
(CVE-2025-9074)
描述:Docker Desktop是美国Docker公司的一个基于容器技术的用于轻量化部署应用的桌面软件。该产品可提供桌面环境可支持在Linux/Windows/Mac OS系统上创建一个容器(轻量级虚拟机)并部署和运行应用程序,以及通过配置文件实现应用程序的自动化安装、部署和升级。 Docker Desktop存在安全漏洞,该漏洞源于本地Linux容器可访问Docker Engine API,可能导致执行特权命令。
描述
New vulnerability found in Docker. Credit for finding the vulnerability goes to Felix Boulet
介绍
# CVE-2025-9074 - Docker Remote API (Lab PoC)
> ⚠️ **Disclaimer:**
> This repository is for **educational and research purposes only**.
> Do **not** use this code outside of a controlled environment that you own.
> The author is not responsible for misuse.
---
## Overview
This repository contains a proof-of-concept (PoC) for **CVE-2025-9074**, a misconfiguration vulnerability involving the Docker Remote API.
When the Docker daemon was exposed without authentication, an attacker could issue API requests to create and start containers.
This PoC demonstrates the issue in a safe and controlled environment.
**Note:** This vulnerability has been patched.
---
## Original Write-Up
Credit for the original research and write-up goes to:
🔗 [qwertysecurity.com – Blog Post](https://blog.qwertysecurity.com/Articles/blog3.html)
This repository adapts that work into a Python PoC for easier testing in lab environments.
---
## How it Works
- The script interacts with the Docker Remote API over HTTP.
- It creates a new container with a specified command.
- The container is then started via the API.
The vulnerability existed if the Docker daemon was listening on `tcp://0.0.0.0:2375` without TLS or authentication.
---
## Usage
### 1. Run Docker with the API exposed (lab only)
```bash
dockerd -H tcp://0.0.0.0:2375
文件快照
[4.0K] /data/pocs/fb30fabc39191bf7fa96a8f72596adeee5562aae
├── [2.3K] exploit.py
└── [1.3K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。