Arbitrary Code Execution
Description
All versions of docker-cli-js are vulnerable to arbitrary command injection via the Docker.command method when user input is passed unsanitized.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The docker-cli-js package (all versions) is a Node.js wrapper for the Docker CLI. It uses child_process.exec to execute Docker commands [1]. The Docker.command method accepts a command string that is passed directly to the shell without sanitization. If any part of this string is user-controlled, an attacker can inject arbitrary OS commands. The issue is documented in [4] and confirmed by Snyk [3].
Exploitation
An attacker needs to control at least a portion of the command parameter passed to Docker.command. For example, if an application constructs a command like `docker.command('run ... ' + containerName)`, a user can provide a container name containing shell metacharacters (e.g., a semicolon) to execute arbitrary commands on the host. No authentication is required beyond the ability to supply input to the vulnerable method. The Snyk advisory provides a proof-of-concept using `exec container-test bash -c "${userInput}"` [3].
Impact
Successful exploitation allows arbitrary OS command execution on the host system with the privileges of the Node.js process. This can lead to full compromise of the host, including data exfiltration, installation of malware, or lateral movement. The impact is critical as the attacker gains code execution outside any container sandbox.
Mitigation
As of the latest references, there is no fixed version of docker-cli-js [3]. The package appears unmaintained. Users should avoid passing unsanitized user input to the Docker.command method. If possible, switch to a maintained alternative or implement strict input validation (e.g., whitelist allowed commands and arguments). The GitHub issue [4] recommends documenting the lack of sanitization, but no patch has been released.
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| docker-cli-js (npm) | <= 2.8.0 | — |
Affected products
- docker-cli-js/docker-cli-js
Patches
No patches discovered yet.
Vulnerability mechanics
Root cause
"Missing input sanitization in the `Docker.command` method allows OS command injection via unsanitized user input."
Attack vector
An attacker who can partially or fully control the `command` parameter of the `Docker.command` method can inject arbitrary OS commands. The library constructs a shell command string that includes user input without neutralization, so a crafted argument (e.g., a backtick or semicolon payload) breaks out of the intended Docker command and executes attacker-controlled commands on the host system [CWE-78] [ref_id=1]. No authentication or special network access is required beyond the ability to supply input to the vulnerable method.
Affected code
The vulnerability resides in the `Docker.command` method of the `docker-cli-js` package. The method passes user-controlled input directly into an OS command string without sanitization, as demonstrated by the `userInput` variable being interpolated into a shell command [ref_id=1].
What the fix does
No patch or fixed version has been published for `docker-cli-js` [ref_id=1]. The advisory recommends avoiding the use of the package or ensuring that user input is never passed to the `Docker.command` method. Without a fix, the only remediation is to stop using the library or to wrap calls to `Docker.command` with a strict input sanitizer that rejects shell metacharacters.
Preconditions
- input: The attacker must be able to supply input that is passed (even partially) to the `command` parameter of the `Docker.command` method.
- config: The application must use the `docker-cli-js` package and invoke `Docker.command` with user-controllable data.
Reproduction
1. Create `exploit.js` with the following (the Snyk proof of concept; the command is a template literal so that `${userInput}` is interpolated):

```javascript
var dockerCLI = require('docker-cli-js');
var DockerOptions = dockerCLI.Options;
var Docker = dockerCLI.Docker;
var docker = new Docker();
var userInput = "echo 'Hello from the container'";
// The whole string reaches child_process.exec (a host shell) unsanitized
docker.command(`exec container-test bash -c "${userInput}"`, function (err, data) {
  console.log('data = ', data);
});
```

2. Run `npm install docker-cli-js` in the same directory.
3. Create a background Docker container: `docker run --name container-test -d ubuntu sleep 1000`.
4. Run `node exploit.js`; the output shows commands executed on the host [ref_id=1].
Generated on May 27, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- github.com/advisories/GHSA-ff45-7prw-58vj (GHSA, advisory)
- nvd.nist.gov/vuln/detail/CVE-2021-23732 (GHSA, advisory)
- github.com/Quobject/docker-cli-js/issues/22 (GHSA, web)
- security.netapp.com/advisory/ntap-20211223-0004/ (MITRE, x_refsource_CONFIRM)
- snyk.io/vuln/SNYK-JS-DOCKERCLIJS-1568516 (GHSA, x_refsource_MISC, web)