{"id":38997,"date":"2026-02-04T07:46:52","date_gmt":"2026-02-04T07:46:52","guid":{"rendered":"http:\/\/localhost\/?p=38997"},"modified":"2026-02-04T07:46:52","modified_gmt":"2026-02-04T07:46:52","slug":"docker-desktop-4443-unauthenticated-api-exposure","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=38997","title":{"rendered":"Docker Desktop 4.44.3 &#8211; Unauthenticated  API Exposure_EDB-ID:52472"},"content":{"rendered":"<p>{&#8220;lastseen&#8221;:&#8221;2026-02-04T13:28:43&#8243;,&#8221;description&#8221;:&#8221;Exploit Title: Docker Desktop 4.44.3 &#8211; Unauthenticated API Exposure Date: 2025-10-06 Exploit Author: OilSeller2001 Vendor Homepage: https:\/\/www.docker.com\/ Software Link: https:\/\/www.docker.com\/products\/docker-desktop\/ Version: Affected on Windows and&#8230;&#8221;,&#8221;published&#8221;:&#8221;2026-02-04T00:00:00&#8243;,&#8221;modified&#8221;:&#8221;2026-02-04T00:00:00&#8243;,&#8221;type&#8221;:&#8221;exploitdb&#8221;,&#8221;title&#8221;:&#8221;Docker Desktop 4.44.3 &#8211; Unauthenticated  API Exposure&#8221;,&#8221;source&#8221;:&#8221;&#8221;,&#8221;references&#8221;:&#8221;&#8221;,&#8221;id&#8221;:&#8221;EDB-ID:52472&#8243;,&#8221;bulletinFamily&#8221;:&#8221;exploit&#8221;,&#8221;cwe&#8221;:null,&#8221;cvelist&#8221;:[&#8220;CVE-2025-9074&#8243;],&#8221;sourceData&#8221;:&#8221;# Exploit Title: Docker Desktop 4.44.3 &#8211; Unauthenticated  API Exposure\\r\\n# Date: 2025-10-06\\r\\n# Exploit Author: OilSeller2001\\r\\n# Vendor Homepage: https:\/\/www.docker.com\/\\r\\n# Software Link: https:\/\/www.docker.com\/products\/docker-desktop\/\\r\\n# Version: Affected on Windows and macOS versions prior to 4.44.3\\r\\n# Tested on: Windows 11 + Docker Desktop 4.43.0\\r\\n# Exploit Type: Remote, Local, Shellcode\\r\\n# Platform: Windows\\r\\n# CVE: CVE-2025-9074\\r\\n\\r\\n# Description:\\r\\nThis PoC script exploits a security misconfiguration in the unauthenticated exposure of the Docker Engine API. 
\\r\\nBy sending crafted API requests directly to the Docker daemon, the script creates and starts a specially prepared container. \\r\\nThe container leverages the bind mount feature to map sensitive directories from the host filesystem into the container, effectively granting arbitrary access to the host. \\r\\nThis results in a high-privilege remote code execution scenario.\\r\\n\\r\\n# Vulnerability Details:\\r\\nThe Docker Engine API (TCP port 2375) can be exposed without TLS authentication via the &#8220;Expose daemon on tcp:\/\/localhost:2375 without TLS&#8221; option in Docker Desktop. \\r\\nIf this option is enabled, any local or remote attacker with network access to the exposed port can control the Docker daemon without authentication.\\r\\n\\r\\n# Usage:\\r\\n1. Expose the Docker daemon on TCP 2375 without TLS (testing environment only).\\r\\n2. Run the PoC against the target:\\r\\n   python3 poc_cve_2025_9074.py \\u003ctarget_ip\\u003e:2375\\r\\n3. The script will:\\r\\n   &#8211; Check API availability\\r\\n   &#8211; Pull an image\\r\\n   &#8211; Create a malicious container with bind mounts to the host filesystem\\r\\n   &#8211; Start the container, allowing access to host files\\r\\n\\r\\n# Mitigation:\\r\\n- Upgrade Docker Desktop to 4.44.3 or later; versions prior to 4.44.3 are listed above as affected.\\r\\n- Disable the unauthenticated Docker API exposure after testing.\\r\\n- Use TLS certificates if remote API access is required.\\r\\n- Restrict network access to port 2375 via firewall rules.\\r\\n\\r\\n# PoC Download 
Link:\\r\\nhttps:\/\/github.com\/OilSeller2001\/PoC-for-CVE-2025-9074&#8243;,&#8221;sourceHref&#8221;:&#8221;https:\/\/www.exploit-db.com\/raw\/52472&#8243;,&#8221;cvss&#8221;:{&#8220;score&#8221;:9.3,&#8221;severity&#8221;:&#8221;CRITICAL&#8221;,&#8221;vector&#8221;:&#8221;CVSS:4.0\/AV:L\/AC:L\/AT:N\/PR:N\/UI:P\/VC:H\/SC:H\/VI:H\/SI:H\/VA:H\/SA:H&#8221;,&#8221;version&#8221;:&#8221;4.0&#8243;},&#8221;cvss2&#8243;:{},&#8221;cvss3&#8243;:{&#8220;version&#8221;:&#8221;&#8221;,&#8221;vectorString&#8221;:&#8221;&#8221;,&#8221;baseScore&#8221;:0,&#8221;baseSeverity&#8221;:&#8221;&#8221;,&#8221;attackVector&#8221;:&#8221;&#8221;,&#8221;attackComplexity&#8221;:&#8221;&#8221;,&#8221;privilegesRequired&#8221;:&#8221;&#8221;,&#8221;userInteraction&#8221;:&#8221;&#8221;,&#8221;scope&#8221;:&#8221;&#8221;,&#8221;confidentialityImpact&#8221;:&#8221;&#8221;,&#8221;integrityImpact&#8221;:&#8221;&#8221;,&#8221;availabilityImpact&#8221;:&#8221;&#8221;,&#8221;cvssV3&#8243;:{&#8220;version&#8221;:&#8221;&#8221;,&#8221;vectorString&#8221;:&#8221;&#8221;,&#8221;baseScore&#8221;:0,&#8221;baseSeverity&#8221;:&#8221;&#8221;,&#8221;attackVector&#8221;:&#8221;&#8221;,&#8221;attackComplexity&#8221;:&#8221;&#8221;,&#8221;privilegesRequired&#8221;:&#8221;&#8221;,&#8221;userInteraction&#8221;:&#8221;&#8221;,&#8221;scope&#8221;:&#8221;&#8221;,&#8221;confidentialityImpact&#8221;:&#8221;&#8221;,&#8221;integrityImpact&#8221;:&#8221;&#8221;,&#8221;availabilityImpact&#8221;:&#8221;&#8221;}},&#8221;href&#8221;:&#8221;https:\/\/www.exploit-db.com\/exploits\/52472&#8243;,&#8221;category_name&#8221;:&#8221;Exploit&#8221;,&#8221;post_link&#8221;:&#8221;&#8221;,&#8221;product&#8221;:&#8221;&#8221;,&#8221;version&#8221;:&#8221;&#8221;,&#8221;vendor&#8221;:&#8221;&#8221;,&#8221;ai_description&#8221;:&#8221;&#8221;,&#8221;ai_severity&#8221;:&#8221;&#8221;,&#8221;ai_vendor&#8221;:&#8221;&#8221;,&#8221;ai_product&#8221;:&#8221;&#8221;,&#8221;ai_version&#8221;:&#8221;&#8221;,&#8221;ai_score&#8221;:0}<\/p>\n","pro
tected":false},"excerpt":{"rendered":"<p>{&#8220;lastseen&#8221;:&#8221;2026-02-04T13:28:43&#8243;,&#8221;description&#8221;:&#8221;Exploit Title: Docker Desktop 4.44.3 &#8211; Unauthenticated API Exposure Date: 2025-10-06 Exploit Author: OilSeller2001 Vendor Homepage: https:\/\/www.docker.com\/ Software Link: https:\/\/www.docker.com\/products\/docker-desktop\/ Version: Affected on Windows and&#8230;&#8221;,&#8221;published&#8221;:&#8221;2026-02-04T00:00:00&#8243;,&#8221;modified&#8221;:&#8221;2026-02-04T00:00:00&#8243;,&#8221;type&#8221;:&#8221;exploitdb&#8221;,&#8221;title&#8221;:&#8221;Docker&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[9,6,8,55,12,40,13,7,11,5],"class_list":["post-38997","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-critical","tag-cve","tag-cvss","tag-cvss-93","tag-exploit","tag-exploitdb","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Docker Desktop 4.44.3 - Unauthenticated API Exposure_EDB-ID:52472 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=38997\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Docker Desktop 4.44.3 - Unauthenticated API Exposure_EDB-ID:52472 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{&#8220;lastseen&#8221;:&#8221;2026-02-04T13:28:43&#8243;,&#8221;description&#8221;:&#8221;Exploit Title: Docker Desktop 4.44.3 &#8211; Unauthenticated API Exposure Date: 2025-10-06 Exploit Author: OilSeller2001 
Vendor Homepage: https:\/\/www.docker.com\/ Software Link: https:\/\/www.docker.com\/products\/docker-desktop\/ Version: Affected on Windows and&#8230;&#8221;,&#8221;published&#8221;:&#8221;2026-02-04T00:00:00&#8243;,&#8221;modified&#8221;:&#8221;2026-02-04T00:00:00&#8243;,&#8221;type&#8221;:&#8221;exploitdb&#8221;,&#8221;title&#8221;:&#8221;Docker...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=38997\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2026-02-04T07:46:52+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=38997#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=38997\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"Docker Desktop 4.44.3 &#8211; Unauthenticated API 
Exposure_EDB-ID:52472\",\"datePublished\":\"2026-02-04T07:46:52+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=38997\"},\"wordCount\":496,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CRITICAL\",\"CVE\",\"CVSS\",\"CVSS-9.3\",\"exploit\",\"exploitdb\",\"news\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=38997#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=38997\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=38997\",\"name\":\"Docker Desktop 4.44.3 - Unauthenticated API Exposure_EDB-ID:52472 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2026-02-04T07:46:52+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=38997#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=38997\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=38997#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Docker Desktop 4.44.3 &#8211; Unauthenticated API Exposure_EDB-ID:52472\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero 
redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"Docker Desktop 4.44.3 - Unauthenticated API Exposure_EDB-ID:52472 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=38997","og_locale":"en_US","og_type":"article","og_title":"Docker Desktop 4.44.3 - Unauthenticated API Exposure_EDB-ID:52472 - zero redgem","og_description":"{&#8220;lastseen&#8221;:&#8221;2026-02-04T13:28:43&#8243;,&#8221;description&#8221;:&#8221;Exploit Title: Docker Desktop 4.44.3 &#8211; Unauthenticated API Exposure Date: 2025-10-06 Exploit Author: OilSeller2001 Vendor Homepage: https:\/\/www.docker.com\/ Software Link: https:\/\/www.docker.com\/products\/docker-desktop\/ Version: Affected on Windows and&#8230;&#8221;,&#8221;published&#8221;:&#8221;2026-02-04T00:00:00&#8243;,&#8221;modified&#8221;:&#8221;2026-02-04T00:00:00&#8243;,&#8221;type&#8221;:&#8221;exploitdb&#8221;,&#8221;title&#8221;:&#8221;Docker...","og_url":"https:\/\/zero.redgem.net\/?p=38997","og_site_name":"zero redgem","article_published_time":"2026-02-04T07:46:52+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. 
reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=38997#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=38997"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"Docker Desktop 4.44.3 &#8211; Unauthenticated API Exposure_EDB-ID:52472","datePublished":"2026-02-04T07:46:52+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=38997"},"wordCount":496,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CRITICAL","CVE","CVSS","CVSS-9.3","exploit","exploitdb","news","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=38997#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=38997","url":"https:\/\/zero.redgem.net\/?p=38997","name":"Docker Desktop 4.44.3 - Unauthenticated API Exposure_EDB-ID:52472 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2026-02-04T07:46:52+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=38997#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=38997"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=38997#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"Docker Desktop 4.44.3 &#8211; Unauthenticated API Exposure_EDB-ID:52472"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero 
redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/38997","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=38997"}],"version-history":[{"count":0,"href":"htt
ps:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/38997\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=38997"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=38997"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=38997"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}