CVE-2026-24516
Published: 23 March 2026
Description
A command injection vulnerability exists in DigitalOcean Droplet Agent through 1.3.2. The troubleshooting actioner component (internal/troubleshooting/actioner/actioner.go) processes metadata from the metadata service endpoint and executes commands specified in the TroubleshootingAgent.Requesting array without adequate input validation. While the code validates that…
more
artifacts exist in the validInvestigationArtifacts map, it fails to sanitize the actual command content after the "command:" prefix. This allows an attacker who can control metadata responses to inject and execute arbitrary OS commands with root privileges. The attack is triggered by sending a TCP packet with specific sequence numbers to the SSH port, which causes the agent to fetch metadata from http://169.254.169.254/metadata/v1.json. The vulnerability affects the command execution flow in internal/troubleshooting/actioner/actioner.go (insufficient validation), internal/troubleshooting/command/exec.go (direct exec.CommandContext call), and internal/troubleshooting/command/command.go (command parsing without sanitization). This can lead to complete system compromise, data exfiltration, privilege escalation, and potential lateral movement across cloud infrastructure.
Mitigating Controls (NIST 800-53 r5)AI
Directly mandates validation and sanitization of inputs from the metadata service endpoint to prevent command injection via the unsanitized 'command:' content in TroubleshootingAgent.Requesting.
Requires timely identification, reporting, and remediation of flaws like this command injection vulnerability in the DigitalOcean Droplet Agent through patching or updates.
Enforces least privilege on the Droplet Agent process to limit the scope of arbitrary root-privileged command execution resulting from successful injection.
Security SummaryAI
CVE-2026-24516, published on 2026-03-23, is a command injection vulnerability (CWE-94) rated at CVSS 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) affecting the DigitalOcean Droplet Agent through version 1.3.2. The flaw exists in the troubleshooting actioner component, particularly in internal/troubleshooting/actioner/actioner.go, which processes metadata from the metadata service endpoint at http://169.254.169.254/metadata/v1.json. Although the code checks for artifacts in the validInvestigationArtifacts map, it fails to sanitize command content following the "command:" prefix. Vulnerable execution flows also involve internal/troubleshooting/command/exec.go, which calls exec.CommandContext directly, and internal/troubleshooting/command/command.go, which parses commands without sanitization.
Exploitation begins with an attacker sending a TCP packet featuring specific sequence numbers to the SSH port, prompting the agent to retrieve metadata. An attacker able to control metadata responses can then inject arbitrary OS commands via the TroubleshootingAgent.Requesting array, which execute with root privileges. This grants low-privilege (PR:L) network-accessible (AV:N) actors the ability to achieve complete system compromise, data exfiltration, privilege escalation, and lateral movement across cloud infrastructure, with low complexity (AC:L) and no user interaction required.
References point to the DigitalOcean Droplet Agent GitHub repository, exposing the vulnerable code in internal/troubleshooting/actioner/actioner.go, internal/troubleshooting/command/command.go, and internal/troubleshooting/command/exec.go, alongside a proof-of-concept repository at https://github.com/poxsky/CVE-2026-24516-DigitalOcean-RCE. No advisories or patches are detailed in these sources.
Details
- CWE(s)
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability is a remote command injection (CWE-94) in the DigitalOcean Droplet Agent, exploitable over the network (AV:N/PR:L) via SSH port trigger and metadata manipulation, enabling arbitrary root command execution. Maps to T1210 (exploitation of remote service/agent), T1068 (privilege escalation via exploit), and T1059.004 (Unix shell command execution).