Listen to this Post
The vulnerability exists in Dozzle’s agent-backed shell endpoints (/api/hosts/{hostId}/containers/{containerId}/exec and /attach). When using SIMPLE authentication with per-user label filters (e.g., filter: label=env=dev), the UI correctly hides out-of-scope containers. However, the `FindContainer` function in `agent_service.go` for agent-connected hosts ignores the user’s label filter when resolving a container by its ID. It calls a.client.FindContainer(ctx, id), which bypasses all label checks. An authenticated user with the Shell role can therefore directly target the ID of a restricted container (e.g., env=prod) via the WebSocket endpoint, obtaining an interactive root shell despite the UI-based isolation. The underlying Docker client’s `FindContainer` method explicitly skips filters, creating an authorization bypass between the list and exec/attach operations.
dailycve
Platform: Dozzle
Version: <=9.0.2
Vulnerability: Authorization Bypass
Severity: Critical
date: N/A
Prediction: 2024-04-10
What Undercode Say:
docker run -d --name dozzle-agent -v /var/run/docker.sock:/var/run/docker.sock:ro -p 7007:7007 amir20/dozzle:latest agent
docker run -d --name prod-secret --label env=prod alpine sleep 100000
wscat -c "ws://localhost:8080/api/hosts/${HOST_ID}/containers/${PROD_CID}/exec" -H "Cookie: jwt=${TOKEN}"
How Exploit:
1. Authenticate as a filtered user.
2. Obtain target container ID.
3. Connect directly to agent exec endpoint.
Protection from this CVE
Upgrade to version 9.0.3.
Impact:
Root shell access.
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode

