CVE-2026-24516
Received Received - Intake
Command Injection in DigitalOcean Droplet Agent Enables Root Access

Publication date: 2026-03-23

Last updated on: 2026-03-24

Assigner: MITRE

Description
A command injection vulnerability exists in DigitalOcean Droplet Agent through 1.3.2. The troubleshooting actioner component (internal/troubleshooting/actioner/actioner.go) processes metadata from the metadata service endpoint and executes commands specified in the TroubleshootingAgent.Requesting array without adequate input validation. While the code validates that artifacts exist in the validInvestigationArtifacts map, it fails to sanitize the actual command content after the "command:" prefix. This allows an attacker who can control metadata responses to inject and execute arbitrary OS commands with root privileges. The attack is triggered by sending a TCP packet with specific sequence numbers to the SSH port, which causes the agent to fetch metadata from http://169.254.169.254/metadata/v1.json. The vulnerability affects the command execution flow in internal/troubleshooting/actioner/actioner.go (insufficient validation), internal/troubleshooting/command/exec.go (direct exec.CommandContext call), and internal/troubleshooting/command/command.go (command parsing without sanitization). This can lead to complete system compromise, data exfiltration, privilege escalation, and potential lateral movement across cloud infrastructure.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-23
Last Modified
2026-03-24
Generated
2026-05-07
AI Q&A
2026-03-23
EPSS Evaluated
2026-05-05
NVD
CVE-2026-24516
EUVD
EUVD-2026-14461
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
digitalocean droplet_agent 1.3.2
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

[{'type': 'paragraph', 'content': 'CVE-2026-24516 is a command injection vulnerability in the DigitalOcean Droplet Agent up to version 1.3.2. The vulnerability exists in the troubleshooting actioner component, which processes metadata from a local metadata service and executes commands specified in the TroubleshootingAgent.Requesting array without properly sanitizing the command content after the "command:" prefix.'}, {'type': 'paragraph', 'content': 'An attacker who can control the metadata responses can inject arbitrary operating system commands that are executed with root privileges. The attack is triggered by sending a specially crafted TCP packet with specific sequence numbers to the SSH port, causing the agent to fetch malicious metadata containing commands to execute.'}, {'type': 'paragraph', 'content': 'This flaw allows an unauthenticated attacker to remotely execute arbitrary commands as root, leading to complete system compromise.'}] [2]


How can this vulnerability impact me? :

This vulnerability can have severe impacts including full system compromise with root access. An attacker can execute arbitrary commands remotely without any authentication or privileges.

  • Complete system takeover
  • Data exfiltration
  • Privilege escalation to root
  • Potential lateral movement across cloud infrastructure

How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

[{'type': 'paragraph', 'content': 'The vulnerability is triggered by sending a specially crafted TCP packet with specific sequence and acknowledgment numbers to the SSH port (port 22). Monitoring for unusual TCP packets with sequence number 68796879 and acknowledgment number 848489 targeting port 22 could indicate an exploit attempt.'}, {'type': 'paragraph', 'content': 'On the system, detection can involve checking for unexpected commands executed by the DigitalOcean Droplet Agent, especially commands prefixed with "command:" in metadata fetched from the local metadata service at 169.254.169.254.'}, {'type': 'paragraph', 'content': 'Suggested commands to investigate suspicious activity include running allowlisted commands used by the agent for troubleshooting, which are safe and controlled:'}, {'type': 'list_item', 'content': 'top - to view current running processes'}, {'type': 'list_item', 'content': 'ps aux - to list all running processes'}, {'type': 'list_item', 'content': 'journalctl --no-pager --output=short-iso - to review recent system logs'}, {'type': 'paragraph', 'content': 'Additionally, monitoring network traffic for unusual TCP packets to port 22 with the specific sequence and acknowledgment numbers used in the exploit can help detect attempts to trigger the vulnerability.'}] [1, 2]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include:

  • Block or filter incoming TCP packets to port 22 that have the specific sequence number 68796879 and acknowledgment number 848489 to prevent the exploit trigger.
  • Restrict access to the metadata service endpoint at http://169.254.169.254/metadata/v1.json to prevent unauthorized or malicious metadata injection.
  • Update or patch the DigitalOcean Droplet Agent to a version later than 1.3.2 where this command injection vulnerability is fixed.
  • Monitor system logs and running processes for signs of compromise or unexpected command execution.
  • Consider disabling or restricting the troubleshooting actioner component if it is not required.

Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart