VYPR
Critical severity 9.9 · NVD Advisory · Published May 29, 2026 · Updated May 29, 2026

CVE-2026-45663

Description

Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.29.1 and earlier, a command injection vulnerability exists in the Docker file upload functionality. When an authenticated user uploads a file to a container, the destinationPath parameter is not properly sanitized and is directly interpolated into a shell command string. By including shell metacharacters such as ; or ", an attacker can escape the intended docker cp command and execute arbitrary OS commands on the Dokploy host.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A critical command injection in Dokploy 0.29.1 and earlier allows authenticated attackers to execute arbitrary OS commands on the host via a crafted destinationPath parameter.

Vulnerability

A command injection vulnerability exists in the Docker file upload functionality of Dokploy, a self-hostable Platform as a Service (PaaS), affecting versions 0.29.1 and earlier. The flaw resides in the uploadFileToContainer function within packages/server/src/services/docker.ts. When an authenticated user uploads a file to a container, the destinationPath parameter is unsanitized and directly interpolated into a shell command string using execAsync. An attacker can inject shell metacharacters such as ; or " to break out of the intended docker cp command and execute arbitrary OS commands on the Dokploy host [1].

Exploitation

Exploiting the flaw requires a valid authenticated session on the Dokploy instance. After logging in, the attacker starts a file upload to any container, intercepts the request, and replaces destinationPath with a value that closes the quoted docker cp argument and appends further commands. The advisory's example value is "/ ; id && uname -a > /tmp/dokrce ; #. The reference PoC instead appends touch /tmp/pwned_upload, so the server assembles a command string such as docker cp "/tmp/..." "id:/tmp/test" ; touch /tmp/pwned_upload ; #" ; rm -f ...; the shell executes the injected command on the host, and the trailing # turns the rest of the server's own string (the closing quote and its rm -f cleanup) into a comment, so the line stays syntactically valid [1].

Impact

Successful exploitation allows an attacker to execute arbitrary operating system commands on the Dokploy host with the privileges of the Dokploy service. Because Dokploy manages Docker on that host, this can lead to full compromise of the server, including data exfiltration, theft of credentials and deployment secrets, and lateral movement into the rest of the infrastructure. The advisory rates the impact as high for confidentiality, integrity and availability [1].

Mitigation

The advisory itself names no patched release as of its publication date (2026-05-29); the "Fixed in 0.29.2" label on the patch entry below is attached to a CI-only commit and does not establish that a fix exists. The recommended code change is to stop building a shell string: call execFile or spawn with an argument array instead of exec, so that docker receives destinationPath as one literal argument, and additionally validate destinationPath against a strict allow-list such as /^[a-zA-Z0-9.\-_\/ ]+$/ that rejects shell metacharacters. Until an official release contains these changes, administrators should apply them to packages/server/src/services/docker.ts themselves and limit accounts on the instance to trusted users, since any authenticated user can reach the vulnerable endpoint [1].

AI Insight generated on May 29, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2 entries
  • Dokploy/Dokploy (inferred), 2 versions, range <=0.29.1
    • (no CPE) range: <=0.29.1
    • (no CPE) range: <=0.29.1

Patches

1
fb6b06f064b7

chore: add push trigger for version sync on tag creation

https://github.com/Dokploy/dokploy · Mauricio Siu · Apr 25, 2026 · Fixed in 0.29.2 (via release-tag)
1 file changed · +3 −0
  • .github/workflows/sync-version.yml (+3 −0, modified)
    @@ -3,6 +3,9 @@ name: Sync version to MCP and CLI repos
     on:
       release:
         types: [published]
    +  push:
    +    tags:
    +      - 'v*'
       workflow_dispatch:
     
     jobs:
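Review bot: this hunk touches only `.github/workflows/sync-version.yml`, adding a `push` trigger for `v*` tags, and changes nothing in `packages/server/src/services/docker.ts`, so the "Fixed in 0.29.2" label on this commit is not supported by the diff; the command injection needs a separate change that replaces the `execAsync` string interpolation with an argument array and validates `destinationPath`. Separately, with both `release: types: [published]` and `push: tags: ['v*']` present, a tagged GitHub release may run the sync job twice; if that is not intended, guard one of the two paths with an `if:` condition or keep only the tag trigger.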
    

Vulnerability mechanics

Root cause

"Missing sanitization of the destinationPath parameter allows shell metacharacters to be interpolated into a shell command string, enabling command injection."

Attack vector

An authenticated attacker sends a file upload request to any container and sets the `destinationPath` parameter to a value containing shell metacharacters such as `;` or `"`. The server interpolates this unsanitized value directly into a shell command string passed to `execAsync`, allowing the attacker to escape the intended `docker cp` command and execute arbitrary OS commands on the Dokploy host [ref_id=1]. The CVSS vector indicates network-based, low-complexity exploitation with no special privileges beyond authentication.

Affected code

The vulnerability resides in `uploadFileToContainer` in `packages/server/src/services/docker.ts`. The advisory also identifies the endpoint `uploadFileToContainer` in `apps/dokploy/server/api/routers/docker.ts` as the affected component [ref_id=1].

What the fix does

The advisory recommends two changes: first, validate `destinationPath` against a strict regex (`/^[a-zA-Z0-9.\-_\/ ]+$/`) that rejects shell metacharacters; second, replace `execAsync` (which runs the command through a shell) with `execFileAsync` and an argument array, so the path reaches `docker` as a single literal argument and no shell ever interprets it [ref_id=1]. The supplied patch (`patch_id=3102114`) only adds a CI workflow trigger and does **not** address the command injection, so its "Fixed in 0.29.2" label should not be read as confirmation that 0.29.2 closes the flaw.
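The following is an added illustration for this section and for the Mitigation section above; it is not Dokploy's code and not the advisory's patch. It places the shape of the vulnerable string interpolation beside a hardened version that applies both recommended layers: an argv array passed to `execFile` (no shell), plus the advisory's allow-list regex on `destinationPath`. The function names, the container-id check, and the dry-run runner are assumptions made for the example, and the PoC value is constructed from the reference exploit described above.

```typescript
// Added example, not Dokploy's code. Names such as buildVulnerableShellCommand,
// validateUploadTarget and uploadFileToContainerHardened are hypothetical.
import { execFile } from "node:child_process";
import { promisify } from "node:util";

const execFileAsync = promisify(execFile);

// Allow-list recommended in the advisory for destinationPath.
const SAFE_DEST_PATH = /^[a-zA-Z0-9.\-_\/ ]+$/;
// Assumed check (not from the advisory): docker ids are hex, names are
// [a-zA-Z0-9][a-zA-Z0-9_.-]+, so this covers both without admitting metacharacters.
const SAFE_CONTAINER_ID = /^[a-zA-Z0-9][a-zA-Z0-9_.-]*$/;

function isSafeDestinationPath(p: string): boolean {
  return SAFE_DEST_PATH.test(p);
}

// BEFORE: the pattern the advisory describes. The whole template literal is
// handed to /bin/sh, so a destinationPath containing '"' and ';' closes the
// quoted argument and starts a new command of the attacker's choosing.
function buildVulnerableShellCommand(
  localPath: string, containerId: string, destinationPath: string): string {
  return `docker cp "${localPath}" "${containerId}:${destinationPath}"`;
}

// AFTER, layer 1: build an argv array. execFile passes each element to docker
// as one literal argument; no shell parses the string, so metacharacters in
// destinationPath cannot change which program runs or add commands.
function buildDockerCpArgv(
  localPath: string, containerId: string, destinationPath: string): string[] {
  return ["cp", localPath, `${containerId}:${destinationPath}`];
}

// AFTER, layer 2: reject input that has no business in a path. The regex blocks
// ';', '"', '$', '`', '|', '&' and newlines, but it still accepts ".." and
// leading spaces, so treat it as input hygiene, not as a sandbox.
function validateUploadTarget(containerId: string, destinationPath: string): void {
  if (!SAFE_CONTAINER_ID.test(containerId)) throw new Error("invalid container id");
  if (!isSafeDestinationPath(destinationPath)) throw new Error("invalid destinationPath");
}

type Runner = (file: string, args: string[]) => Promise<{ stdout: string }>;

async function uploadFileToContainerHardened(
  localPath: string, containerId: string, destinationPath: string,
  run: Runner = (file, args) => execFileAsync(file, args),
): Promise<string[]> {
  validateUploadTarget(containerId, destinationPath);
  const argv = buildDockerCpArgv(localPath, containerId, destinationPath);
  await run("docker", argv);
  return argv;
}

// Constructed PoC value modelled on the reference exploit: closes the quoted
// target, appends a command, and comments out the rest of the server's line.
const POC_DESTINATION = '/tmp/test" ; touch /tmp/pwned_upload ; #';

// Dry-run runner so the demo executes offline without docker installed.
const dryRun: Runner = async (file, args) => {
  console.log("would exec:", file, JSON.stringify(args));
  return { stdout: "" };
};

console.log("vulnerable shell string:",
  buildVulnerableShellCommand("/tmp/upload.bin", "id", POC_DESTINATION));
uploadFileToContainerHardened("/tmp/upload.bin", "id", POC_DESTINATION, dryRun)
  .catch((e: Error) => console.log("hardened version rejected PoC:", e.message));
uploadFileToContainerHardened("/tmp/upload.bin", "web1", "/app/data/upload.bin", dryRun)
  .catch((e: Error) => console.log("unexpected:", e.message));
```

The two layers are independent: even if the regex were loosened, the argv form alone already prevents shell injection, and even if a future refactor reintroduced a shell, the regex would still block `;` and `"`. What neither layer does is constrain where inside the container the file lands, so a path policy (for example resolving against an allowed base directory and rejecting `..` segments) is a separate check to add if that matters for the deployment.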

Preconditions

  • auth: The attacker must have a valid authenticated session on the Dokploy instance.
  • input: The attacker must be able to trigger a file upload to a container and control the destinationPath parameter.

Generated on May 29, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

1 reference (cited as [1] above; its URL is not captured on this page)
