# Exploit Title: Docker Desktop 4.44.3 - Unauthenticated API Exposure
# Date: 2025-10-06
# Exploit Author: OilSeller2001
# Vendor Homepage: https://www.docker.com/
# Software Link: https://www.docker.com/products/docker-desktop/
# Version: Affected on Windows and macOS versions prior to 4.44.3
# Tested on: Windows 11 + Docker Desktop 4.43.0
# Exploit Type: Remote, Local, Shellcode
# Platform: Windows
# CVE: CVE-2025-9074
# Description:
This PoC script exploits a security misconfiguration in the unauthenticated exposure of the Docker Engine API.
By sending crafted API requests directly to the Docker daemon, the script creates and starts a specially prepared container.
The container leverages the bind mount feature to map sensitive directories from the host filesystem into the container, effectively granting arbitrary access to the host.
This results in a high-privilege remote code execution scenario.
# Vulnerability Details:
The Docker Engine API (TCP port 2375) can be exposed without TLS authentication via the "Expose daemon on tcp://localhost:2375 without TLS" option in Docker Desktop.
If this option is enabled, any local or remote attacker with network access to the exposed port can control the Docker daemon without authentication.
# Usage:
1. Expose the Docker daemon on TCP 2375 without TLS (testing environment only).
2. Run the PoC against the target:
python3 poc_cve_2025_9074.py <target_ip>:2375
3. The script will:
- Check API availability
- Pull an image
- Create a malicious container with bind mounts to the host filesystem
- Start the container, allowing access to host files
# Mitigation:
- Disable the unauthenticated Docker API exposure after testing.
- Use TLS certificates if remote API access is required.
- Restrict network access to port 2375 via firewall rules.
# PoC Download Link:
https://github.com/OilSeller2001/PoC-for-CVE-2025-9074
