CVE-2026-58455
Severity: Critical (CVSS 9.8)
Summary
Dockwatch through version 0.6.567 contains an unauthenticated OS command injection vulnerability. A missing exit() after an authentication redirect in loader.php combined with unsanitized input passed to shell_exec() in ajax/compose.php allows remote attackers to execute arbitrary shell commands.
Risk Assessment
Because the standard deployment mounts the Docker socket into the Dockwatch container, command execution inside the container is equivalent to root on the host: an attacker who reaches shell_exec() can start privileged containers, mount and read any host path, and access every other container and its data, which amounts to complete system takeover.
Recommendation
Update Dockwatch to a release that fixes this vulnerability as soon as one is available. Until then, do not expose the application to untrusted networks (put it behind an authenticating reverse proxy or a VPN) and deploy WAF rules that block shell metacharacters in the composePath parameter; note that such rules are a stopgap, because the root cause is the missing exit() in loader.php that lets unauthenticated requests continue past the redirect. Treat any evidence of exploitation as a full host compromise given the Docker socket mount.
Original NVD description (English source)
Dockwatch through 0.6.567 contains an unauthenticated OS command injection vulnerability that allows remote attackers to execute arbitrary shell commands by exploiting a missing exit() after an authentication redirect in loader.php combined with unsanitized input passed to shell_exec() in ajax/compose.php. Attackers can seed the required session flag through the incomplete auth check, then inject arbitrary commands via the composePath POST parameter in the composePull action to achieve full host compromise, facilitated by the standard deployment mounting of the Docker socket.
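The following PHP is an added illustration of the two defects the description names, written for this page and not taken from Dockwatch: an authentication redirect without exit(), so execution continues for unauthenticated requests and can set session state, next to unsanitized POST input reaching shell_exec(). The hardened variants show the standard fixes. File names, the session keys, the compose command line and the composeRoot directory are assumptions made for the example.

```php
<?php
// Added example, not Dockwatch's code. Session keys, paths and the
// "docker compose" command line are assumptions for illustration.

// ---------- Vulnerable pattern: missing exit() after redirect ----------
function vulnerableLoader(): void
{
    session_start();
    if (empty($_SESSION['authenticated'])) {
        header('Location: /login.php');
        // BUG: no exit(). The browser is told to go to the login page,
        // but PHP keeps running everything below for this unauthenticated
        // request, so an attacker can ignore the redirect and let the rest
        // of the loader seed session state that later checks rely on.
    }
    $_SESSION['loaded'] = true; // assumed "required session flag"
}

// ---------- Vulnerable pattern: unsanitized input into shell_exec() ----------
function vulnerableComposePull(): string
{
    $composePath = $_POST['composePath'] ?? '';
    // BUG: attacker-controlled string interpolated into a shell command.
    // A value such as "x.yml; id" runs "id" on the host via the socket mount.
    return (string) shell_exec("docker compose -f $composePath pull 2>&1");
}

// ---------- Hardened loader: stop execution after the redirect ----------
function hardenedLoader(): void
{
    session_start();
    if (empty($_SESSION['authenticated'])) {
        header('Location: /login.php', true, 302);
        exit; // nothing below runs for an unauthenticated request
    }
    $_SESSION['loaded'] = true;
}

// ---------- Hardened handler: confine the path, never let the shell parse it ----------
function hardenedComposePull(string $composeRoot): string
{
    $requested = (string) ($_POST['composePath'] ?? '');

    // realpath() resolves symlinks and "..", and returns false if the
    // file does not exist; the prefix check confines it to $composeRoot.
    $real = realpath($requested);
    $root = realpath($composeRoot);
    if ($real === false || $root === false
        || !is_file($real)
        || strncmp($real, $root . DIRECTORY_SEPARATOR, strlen($root) + 1) !== 0) {
        http_response_code(400);
        return 'invalid composePath';
    }

    // Even an allowlisted path is quoted, so shell metacharacters in a
    // file name can never become separate commands.
    $cmd = 'docker compose -f ' . escapeshellarg($real) . ' pull 2>&1';
    return (string) shell_exec($cmd);
}
```

The two fixes are independent and both are needed: the exit() restores the authentication boundary, while the allowlist plus escapeshellarg() removes the injection even for requests that are legitimately authenticated.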

