CVE-2021-41091
published 2021-10-04CVE-2021-41091: Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where the data directory…
PriorityP334medium6.3CVSS 3.1
AVLACLPRLUINSCCLILAL
EPSS
2.69%
84.0th percentile
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as `setuid`), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could discover, read, and modify those files. This bug has been fixed in Moby (Docker Engine) 20.10.9. Users should update to this version as soon as possible. Running containers should be stopped and restarted for the permissions to be fixed. For users unable to upgrade limit access to the host to trusted users. Limit access to host volumes to trusted containers.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | docker.io | < docker.io 20.10.10+dfsg1-1 (bookworm) | docker.io 20.10.10+dfsg1-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| github.com | docker_docker | >= 0 < 20.10.9 | 20.10.9 |
| github.com | docker_docker | >= 0 < 20.10.9+incompatible | 20.10.9+incompatible |
| github.com | moby_moby | >= 0 < 20.10.9 | 20.10.9 |
| github.com | moby_moby | >= 0 < 20.10.9+incompatible | 20.10.9+incompatible |
| moby | moby | < 20.10.9 | 20.10.9 |
| mobyproject | moby | < 20.10.9 | 20.10.9 |
CVSS provenance
nvdv3.16.3MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
osv6.3MEDIUM
vendor_debian6.3MEDIUM
vendor_redhat6.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Moby (Docker Engine) Insufficiently restricted permissions on data directory in github.com/docker/docker
osv·2024-06-28
CVE-2021-41091 Moby (Docker Engine) Insufficiently restricted permissions on data directory in github.com/docker/docker
Moby (Docker Engine) Insufficiently restricted permissions on data directory in github.com/docker/docker
Moby (Docker Engine) Insufficiently restricted permissions on data directory in github.com/docker/docker
GHSA
Moby (Docker Engine) Insufficiently restricted permissions on data directory
ghsa·2024-01-31
CVE-2021-41091 [MEDIUM] CWE-281 Moby (Docker Engine) Insufficiently restricted permissions on data directory
Moby (Docker Engine) Insufficiently restricted permissions on data directory
## Impact
A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as `setuid`), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could discover, read, and modify those files.
## Patches
This bug has been fixed in Moby (Docker Engine) 20.10.9. Users should updat
OSV
Moby (Docker Engine) Insufficiently restricted permissions on data directory
osv·2024-01-31
CVE-2021-41091 [MEDIUM] Moby (Docker Engine) Insufficiently restricted permissions on data directory
Moby (Docker Engine) Insufficiently restricted permissions on data directory
## Impact
A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as `setuid`), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could discover, read, and modify those files.
## Patches
This bug has been fixed in Moby (Docker Engine) 20.10.9. Users should updat
OSV
CVE-2021-41091: Moby is an open-source project created by Docker to enable software containerization
osv·2021-10-04·CVSS 6.3
CVE-2021-41091 [MEDIUM] CVE-2021-41091: Moby is an open-source project created by Docker to enable software containerization
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as `setuid`), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could discover, read, and modify those files. This bug has been fixed in Moby (Docker Engine) 20.10.9. Users should update to this versio
CISA ICS
Siemens SCALANCE LPE9403 Third-Party Vulnerabilities
cisa_ics·2022-06-16·CVSS 9.8
[CRITICAL] Siemens SCALANCE LPE9403 Third-Party Vulnerabilities
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Siemens SCALANCE LPE9403 Third-Party Vulnerabilities
Last RevisedJune 16, 2022
Alert CodeICSA-22-167-09
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely, low attack complexity
- Vendor: Siemens
- Equipment: SCALANCE LPE9403
- Vulnerabilities: Multiple
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could cause crashes and unrestricted file access, impacting the product’s confidentiality, integrity, and availability.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of SCALANCE LPE9403 (Local Processing
Red Hat
moby: data directory contains subdirectories with insufficiently restricted permissions, which could lead to directory traversal
vendor_redhat·2021-10-04·CVSS 6.3
CVE-2021-41091 [MEDIUM] CWE-281 moby: data directory contains subdirectories with insufficiently restricted permissions, which could lead to directory traversal
moby: data directory contains subdirectories with insufficiently restricted permissions, which could lead to directory traversal
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as `setuid`), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could d
Debian
CVE-2021-41091: docker.io - Moby is an open-source project created by Docker to enable software containeriza...
vendor_debian·2021·CVSS 6.3
CVE-2021-41091 [MEDIUM] CVE-2021-41091: docker.io - Moby is an open-source project created by Docker to enable software containeriza...
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as `setuid`), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could discover, read, and modify those files. This bug has been fixed in Moby (Docker Engine) 20.10.9. Users should update to this versio
No detection rules found.
No public exploits indexed.
CTF
MonitorsTwo / README
ctf_writeups
MonitorsTwo / README
# MonitorsTwo
> Write-up author: jon-brandy
## STEPS:
> PORT SCANNING
```
┌──(brandy㉿bread-yolk)-[~]
└─$ nmap -p- -sVC 10.10.11.211 --min-rate 1000
Starting Nmap 7.93 ( https://nmap.org ) at 2023-09-24 01:20 PDT
Nmap scan report for monitorstwo (10.10.11.211)
Host is up (0.039s latency).
Not shown: 65533 closed tcp ports (conn-refused)
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.5 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 3072 48add5b83a9fbcbef7e8201ef6bfdeae (RSA)
| 256 b7896c0b20ed49b2c1867c2992741c1f (ECDSA)
|_ 256 18cd9d08a621a8b8b6f79f8d405154fb (ED25519)
80/tcp open http nginx 1.18.0 (Ubuntu)
|_http-title: Login to Cacti
|_http-server-header: nginx/1.18.0 (Ubuntu)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Service detection performed.
CTF
easy / README
ctf_writeups·CVSS 6.0
[MEDIUM] easy / README
---
layout: default
title: Easy Machines
parent: Machines
nav_order: 1
description: "120+ Easy HTB machine writeups with walkthroughs"
permalink: /machines/easy/
---
# HackTheBox Easy Machines - Comprehensive Reference
> Complete catalog of retired HTB Easy machines with OS, key vulnerability, attack path summary, and quality writeup links.
**Total: 100+ Easy Machines** | Updated: April 2026
---
## Quick Navigation
- [Classic / Legacy Machines (2017-2019)](#classic--legacy-machines-2017-2019)
- [2019-2020 Machines](#2019-2020-machines)
- [2021 Machines](#2021-machines)
- [2022 Machines](#2022-machines)
- [2023 Machines](#2023-machines)
- [2024 Machines (Season 4 & 5)](#2024-machines-season-4--5)
- [2025-2026 Machines (Season 6+)](#2025-2026-machines-season-6)
---
## Classic / Legac
CTF
MonitorsTwo / README
ctf_writeups·CVSS 6.3
CVE-2022-46169 [MEDIUM] MonitorsTwo / README
# MonitorsTwo - HackTheBox - Writeup
Linux, 20 Base Points, Easy
## Machine
## TL;DR
To solve this machine, we start by using `nmap` to enumerate open services and find ports `22`, and `80`.
***User***: Found `Cacti Version 1.2.22` and used `CVE-2022-46169` to acquire a reverse shell as `www-data`. Discovered the SUID file `capsh` and gained a root shell inside the container using `capsh --gid=0 --uid=0 --`. Found the `/entrypoint.sh` file containing the database (DB) credentials. Identified the hashed password of `marcus` in the DB. Successfully cracked the hash using `john` and employed the obtained password to establish an SSH connection as `marcus`.
***Root***: Based on an email received from `administrator@monitorstwo` addressed to `marcus` it is indicated that the vulnerabili
https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdfhttps://github.com/moby/moby/commit/f0ab919f518c47240ea0e72d0999576bb8008e64https://github.com/moby/moby/security/advisories/GHSA-3fwx-pjgw-3558https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdfhttps://github.com/moby/moby/commit/f0ab919f518c47240ea0e72d0999576bb8008e64https://github.com/moby/moby/security/advisories/GHSA-3fwx-pjgw-3558https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/
2021-10-04
Published