Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote arbitrary code execution. The restriction checks for bind mounts are applied only on the client-side and not the server-side, which can lead to spawning a container with bind mount. Once such a container is spawned, it can be leveraged to break out of the container leading to complete Docker host machine takeover.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HPortainer
APPPortainer≤ 1.24.1
Related vulnerabilities
Portainer CE: brak autoryzacji dla operacji na pluginach Docker
Portainer: Pominięcie ograniczeń bezpieczeństwa kontenerów przez Docker Swarm API
Portainer: niekontrolowane przekierowanie URL (open redirect)
In Portainer Agent before 2.11.1, an API server can continue running even if not associated with a Portainer i...
Portainer before 1.22.1 has Incorrect Access Control (issue 1 of 4).