CVE-2026-45661

EPSS 0.66%
Veröffentlicht 29.05.2026 16:07:54
Zuletzt bearbeitet 02.06.2026 03:16:17
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Dokploy: Remote Code Execution through Path Traversal

Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.26.5 and earlier, a critical path traversal vulnerability exists in Dokploy v0.26.5 that allows authenticated users to write arbitrary files to the filesystem during application deployment. When combined with Dokploy's remote server deployment feature, this vulnerability enables arbitrary file write to remote server filesystems, automatic remote code execution via cron jobs, complete server compromise, data exfiltration without user interaction, and persistent backdoor installation. This vulnerability bypasses all container isolation on remote server deployments.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 2 Referenzen 4

CNA 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerDokploy

≫

Produkt dokploy

Version <= 0.26.5

Status affected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.66%	0.467

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security-advisories@github.com	9.9	3.1	6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

CWE-35 Path Traversal: '.../...//'

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory.

https://github.com/Dokploy/dokploy/security/advisories/GHSA-66v7-g3fh-47h3

https://nvd.nist.gov/vuln/detail/CVE-2026-45661

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-45661

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-45661

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-45661