CVE-2021-41091

This repository contains a working exploit for CVE-2021-41091, a privilege escalation vulnerability in Moby (Docker Engine) due to improperly restricted permissions in /var/lib/docker/overlay2. The exploit script checks for vulnerable Docker versions and attempts to spawn a root shell by leveraging setuid binaries in container filesystems.

This PoC exploits CVE-2021-41091, a Docker Engine vulnerability allowing unprivileged users to traverse and execute setuid programs in the Docker data directory. The exploit script checks for vulnerable Docker versions, iterates over overlay2 filesystems, and spawns a root shell if a setuid binary is found.

This repository contains a functional exploit for CVE-2021-41091, a directory traversal vulnerability in Moby (Docker Engine) that allows unprivileged users to execute programs on the host machine with elevated privileges. The exploit involves running scripts inside a container and on the host to achieve privilege escalation via a SUID binary.

This PoC exploits CVE-2021-41091, a directory traversal vulnerability in Moby (Docker Engine), allowing unprivileged users to execute programs from the container on the host machine with elevated privileges. The exploit involves setting the SUID bit on /bin/bash within the container and leveraging directory traversal to execute it on the host.