DigitalOcean Droplet Agent Command Injection Vulnerability Leading to Remote Code Execution

Vulnerability

A command injection vulnerability allowing remote code execution with root privileges has been identified in DigitalOcean Droplet Agent versions through 1.3.2. The issue arises in the troubleshooting actioner component, where metadata from the metadata service endpoint is processed and commands are executed without proper input validation. Although the code checks that certain artifacts are valid, it does not sanitize the command content after the 'command:' prefix. This oversight enables an attacker controlling metadata responses to inject and execute arbitrary OS commands. The vulnerability can be exploited by sending a TCP packet with specific sequence numbers to the SSH port, prompting the agent to retrieve metadata from the local metadata service. This flaw can lead to complete system compromise, data exfiltration, privilege escalation, and potential lateral movement across cloud infrastructure.
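One way to close the gap described above, shown as an added example rather than the Droplet Agent's own code or its actual fix: each entry after the 'command:' prefix must match an allowlisted name exactly and is mapped to a fixed argv that can be run without a shell. The entry format, the allowlist contents and the names ResolveRequest and FilterRequests are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

var ErrRejected = errors.New("troubleshooting request rejected")

// allowedCommands is a hypothetical allowlist: request name -> fixed argv.
var allowedCommands = map[string][]string{
	"uptime":     {"/usr/bin/uptime"},
	"disk-usage": {"/bin/df", "-h"},
}

// ResolveRequest maps one requesting-array entry to a fixed argv. The text after
// "command:" must equal an allowlisted name exactly; anything else is rejected.
func ResolveRequest(entry string) ([]string, error) {
	if !strings.HasPrefix(entry, "command:") {
		return nil, fmt.Errorf("%w: not a command entry", ErrRejected)
	}
	argv, ok := allowedCommands[strings.TrimPrefix(entry, "command:")]
	if !ok {
		return nil, fmt.Errorf("%w: %q is not allowlisted", ErrRejected, entry)
	}
	return append([]string(nil), argv...), nil // copy so callers cannot edit the table
}

// FilterRequests splits a requesting array into argvs safe to pass to
// exec.Command (no shell involved) and entries to log and drop.
func FilterRequests(requesting []string) (accepted [][]string, rejected []string) {
	for _, entry := range requesting {
		argv, err := ResolveRequest(entry)
		if err != nil {
			rejected = append(rejected, entry)
			continue
		}
		accepted = append(accepted, argv)
	}
	return accepted, rejected
}

func main() {
	// Constructed sample input, not captured from a real metadata response.
	sample := []string{"command:uptime", "command:uptime; echo constructed", "command:disk-usage"}
	accepted, rejected := FilterRequests(sample)
	fmt.Printf("accepted=%v\nrejected=%q\n", accepted, rejected)
}
```

Because the argv comes only from the table, no byte of the metadata response reaches the executed command line; rejected entries are worth logging as a detection signal.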

Impact

Exploitation of this vulnerability allows for unauthorized remote code execution with root privileges on the affected system.

Reproduction

To reproduce this vulnerability, send a TCP packet to the target's SSH port with the sequence number 68796879 and acknowledgment number 848489. This packet will trigger the DigitalOcean Droplet Agent to fetch metadata from the local metadata service. Once the agent processes the metadata, inject a command through the 'TroubleshootingAgent.Requesting' array. The agent will execute the injected command with root privileges, exploiting the command injection vulnerability.

Added: Mar 23, 2026, 5:28 PM
Updated: Mar 23, 2026, 5:28 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 6.2
remediation: 0.0
relevance: 4.6
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.