4 matches found
CVE-2026-45630 Dokploy: Authenticated Remote Code Execution via Command Injection in updateTraefikConfig Echo Statement
Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.28.8 and earlier, authenticated OS command injection in the application.updateTraefikConfig tRPC endpoint allows admin/owner users to execute arbitrary system commands on remote servers via unsanitized echo shell interpolation...
EUVD-2026-33357
Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.28.8 and earlier, authenticated OS command injection in the application.updateTraefikConfig tRPC endpoint allows admin/owner users to execute arbitrary system commands on remote servers via unsanitized echo shell interpolation...
CVE-2026-45630 Dokploy: Authenticated Remote Code Execution via Command Injection in updateTraefikConfig Echo Statement
Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.28.8 and earlier, authenticated OS command injection in the application.updateTraefikConfig tRPC endpoint allows admin/owner users to execute arbitrary system commands on remote servers via unsanitized echo shell interpolation...
Dokploy 操作系统命令注入漏洞
Dokploy is an open-source software developed by Dokploy itself. Versions of Dokploy 0.28.8 and earlier contained a vulnerability related to operating system command injection. This vulnerability stemmed from the tRPC endpoint of application.updateTraefikConfig, where authenticated OS commands cou...