CVE-2025-9074

This PoC exploits an unauthenticated Docker Engine API exposure (TCP port 2375) to create a malicious container with bind mounts, enabling arbitrary host filesystem access and potential RCE. It leverages misconfigured Docker Desktop settings to execute commands without authentication.

This repository contains a functional Bash script that exploits an unauthenticated Docker API (CVE-2025-9074) to achieve remote command execution on the host system. The script dynamically detects the target OS, enumerates available Docker images, and mounts the host filesystem to execute arbitrary commands.

This repository contains a functional Python exploit for CVE-2025-9074, targeting Docker's API to execute commands and spawn interactive terminals in containers. The exploit interacts with the Docker daemon via HTTP requests and includes features for path normalization and dependency checks.

This repository contains a functional Python-based PoC for CVE-2025-9074, which exploits a misconfiguration in Docker Desktop for Windows where the Docker Engine API is exposed to containers, allowing an attacker to create a bind mount to the host's C: drive and write arbitrary files.

This repository contains a functional Python PoC for CVE-2025-9074, a Docker Remote API misconfiguration vulnerability. The exploit demonstrates how an attacker can create and start containers on a Docker daemon exposed without authentication.

This is a functional exploit for Docker's unauthenticated API (port 2375) that allows container enumeration, file exfiltration, and interactive shell access. It uses the Docker API to list containers, extract files, and execute commands via `docker exec`.

This repository contains a functional exploit for CVE-2025-9074, targeting unauthenticated Docker API endpoints. The PoC includes an interactive shell for post-exploitation operations, demonstrating remote command execution capabilities.

The repository claims to provide a PoC for CVE-2025-9074 (Docker Remote API misconfiguration) but only includes a README with generic details and a link to an external download for the exploit code. The exploit.py file is a bit.ly link, which is a red flag for potential malware or deception.

The repository contains a scanner for CVE-2024-21762, a Fortinet SSL VPN vulnerability, which checks for the presence of the vulnerability by sending crafted HTTP requests. It also includes writeups for other CVEs like CVE-2024-10654, detailing authentication bypass vulnerabilities in TOTOLINK devices.

The repository contains a heavily stylized bash script with cinematic animations and verbose output but lacks actual exploit code for CVE-2025-9074. It appears to be a social engineering lure with no technical details about the vulnerability.

This repository contains a functional Bash script that exploits CVE-2025-9074 by leveraging an exposed Docker API to create a container with a mounted host directory, allowing arbitrary command execution on the host system. The PoC demonstrates the vulnerability by binding the host's Windows C drive to a container directory and executing commands within that context.

This repository contains a functional exploit for CVE-2025-9074, a critical container escape vulnerability in Docker Desktop. The exploit leverages unauthenticated access to the Docker Engine API to create privileged containers and achieve host filesystem access.

This repository contains a functional Python-based PoC for CVE-2025-9074, which exploits unauthenticated Docker Engine API exposure on port 2375. The script automates the process of creating a malicious container with host filesystem bind mounts, leading to potential host compromise.

This repository provides a functional proof-of-concept exploit for CVE-2025-9074, demonstrating a Docker Desktop vulnerability that allows container escape via unauthenticated access to the internal HTTP API. The PoC includes detailed steps to create and start a container with host volumes mounted, enabling read/write access to the host filesystem.

This repository contains a functional exploit script for CVE-2025-9074, which leverages an unauthenticated Docker Remote API to escape a container and gain privileged access to the host system. The exploit creates a privileged container with host filesystem bind mounts, allowing arbitrary command execution on the host.

This Bash script exploits CVE-2025-9074 by interacting with the Docker API to create a container, mount the host's C drive, and execute arbitrary commands. The output is streamed back to the attacker, demonstrating remote code execution (RCE).

The repository contains a heavily stylized bash script with cinematic animations and verbose output but lacks actual exploit code for CVE-2025-9074. It appears to be a social engineering lure with no technical details about the vulnerability.

This script exploits CVE-2025-9074, a Docker Desktop LPE vulnerability via unauthenticated Docker Engine API access. It creates a malicious container with a reverse shell payload and binds host directories for privilege escalation.

The repository lacks actual exploit code and instead directs users to external downloads via GitHub releases. The README uses vague marketing language without technical details about CVE-2025-9074.

This script exploits CVE-2025-9074 by leveraging Docker's HTTP API to perform arbitrary file read/write operations on the host system via container volume mounts. It demonstrates the vulnerability by creating a container with a bind mount to the target path and executing commands to read or write files.

This repository contains a functional Bash script that exploits an unauthenticated Docker API vulnerability (CVE-2025-9074) to achieve remote code execution by creating a privileged container with host filesystem mounting and reverse shell payload.

This repository contains a functional exploit for CVE-2025-9074, targeting a Docker API vulnerability to achieve remote code execution via container creation with a reverse shell payload. The script automates the process of creating a privileged container with host filesystem access and network mode set to host.

This repository contains a functional Go-based PoC for CVE-2025-9074, demonstrating how an unauthenticated attacker can exploit Docker Engine's remote API to create a privileged container with host filesystem access. The PoC interacts with the Docker API to create a container, mount host directories, and write a file to the host system.