CVE-2026-24516

HighRCE

Published: 23 March 2026

Published

23 March 2026

Modified

24 March 2026

KEV Added

—

Patch

—

CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0015 35.1th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-24516 is a high-severity Code Injection (CWE-94) vulnerability. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210); ranked at the 35.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation of Remote Services (T1210) and 2 other techniques. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Directly mandates validation and sanitization of inputs from the metadata service endpoint to prevent command injection via the unsanitized 'command:' content in TroubleshootingAgent.Requesting.

SI-2 Flaw Remediation good match

prevent

Requires timely identification, reporting, and remediation of flaws like this command injection vulnerability in the DigitalOcean Droplet Agent through patching or updates.

AC-6 Least Privilege partial match

prevent

Enforces least privilege on the Droplet Agent process to limit the scope of arbitrary root-privileged command execution resulting from successful injection.

MITRE ATT&CK Enterprise TechniquesAI

T1210 Exploitation of Remote Services Lateral Movement

Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.

attack.mitre.org →

T1068 Exploitation for Privilege Escalation Privilege Escalation

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

attack.mitre.org →

T1059.004 Unix Shell Execution

Adversaries may abuse Unix shell commands and scripts for execution.

attack.mitre.org →

Why these techniques?

The vulnerability is a remote command injection (CWE-94) in the DigitalOcean Droplet Agent, exploitable over the network (AV:N/PR:L) via SSH port trigger and metadata manipulation, enabling arbitrary root command execution. Maps to T1210 (exploitation of remote service/agent), T1068 (privilege escalation via exploit), and T1059.004 (Unix shell command execution).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

A command injection vulnerability exists in DigitalOcean Droplet Agent through 1.3.2. The troubleshooting actioner component (internal/troubleshooting/actioner/actioner.go) processes metadata from the metadata service endpoint and executes commands specified in the TroubleshootingAgent.Requesting array without adequate input validation. While the code validates that…

artifacts exist in the validInvestigationArtifacts map, it fails to sanitize the actual command content after the "command:" prefix. This allows an attacker who can control metadata responses to inject and execute arbitrary OS commands with root privileges. The attack is triggered by sending a TCP packet with specific sequence numbers to the SSH port, which causes the agent to fetch metadata from http://169.254.169.254/metadata/v1.json. The vulnerability affects the command execution flow in internal/troubleshooting/actioner/actioner.go (insufficient validation), internal/troubleshooting/command/exec.go (direct exec.CommandContext call), and internal/troubleshooting/command/command.go (command parsing without sanitization). This can lead to complete system compromise, data exfiltration, privilege escalation, and potential lateral movement across cloud infrastructure.

Deeper analysisAI

CVE-2026-24516, published on 2026-03-23, is a command injection vulnerability (CWE-94) rated at CVSS 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) affecting the DigitalOcean Droplet Agent through version 1.3.2. The flaw exists in the troubleshooting actioner component, particularly in internal/troubleshooting/actioner/actioner.go, which processes metadata from the metadata service endpoint at http://169.254.169.254/metadata/v1.json. Although the code checks for artifacts in the validInvestigationArtifacts map, it fails to sanitize command content following the "command:" prefix. Vulnerable execution flows also involve internal/troubleshooting/command/exec.go, which calls exec.CommandContext directly, and internal/troubleshooting/command/command.go, which parses commands without sanitization.

Exploitation begins with an attacker sending a TCP packet featuring specific sequence numbers to the SSH port, prompting the agent to retrieve metadata. An attacker able to control metadata responses can then inject arbitrary OS commands via the TroubleshootingAgent.Requesting array, which execute with root privileges. This grants low-privilege (PR:L) network-accessible (AV:N) actors the ability to achieve complete system compromise, data exfiltration, privilege escalation, and lateral movement across cloud infrastructure, with low complexity (AC:L) and no user interaction required.

References point to the DigitalOcean Droplet Agent GitHub repository, exposing the vulnerable code in internal/troubleshooting/actioner/actioner.go, internal/troubleshooting/command/command.go, and internal/troubleshooting/command/exec.go, alongside a proof-of-concept repository at https://github.com/poxsky/CVE-2026-24516-DigitalOcean-RCE. No advisories or patches are detailed in these sources.

Details

CWE(s): CWE-94

CVEs Like This One

CVE-2026-25817Shared CWE-94

CVE-2025-2787Shared CWE-94

CVE-2025-48984Shared CWE-94

CVE-2025-42880Shared CWE-94

CVE-2025-42950Shared CWE-94

CVE-2026-32613Shared CWE-94

CVE-2025-67036Shared CWE-94

CVE-2025-42957Shared CWE-94

CVE-2026-25366Shared CWE-94

CVE-2025-67034Shared CWE-94