Share
## https://sploitus.com/exploit?id=8DF4117A-0CBF-5767-BEB0-31D3E0375D32
# CVE Docker Lab
A collection of Docker-based reproduction environments for the most impactful CVEs from 2021โ2026. Each lab includes a vulnerable environment, PoC exploit, and a detailed analysis document.
> **Disclaimer:** This repository is strictly for **educational and research purposes**. All labs are designed to run locally in isolated Docker containers. Never use these exploits against systems you do not own or have explicit written permission to test.
---
## Requirements
- Docker Engine 20.x+
- Docker Compose v2+
- Python 3.8+ (for PoC scripts)
- 20GB+ free disk space
See [docs/setup.md](docs/setup.md) for installation instructions.
---
## Quick Start
```bash
# Start a specific CVE lab
./scripts/up.sh log4j/CVE-2021-44228
# Or manually
cd log4j/CVE-2021-44228
docker compose up -d
# Clean up all running labs
./scripts/cleanup.sh
```
---
## CVE Index
### RCE (Remote Code Execution)
| Priority | CVE | Software | Mechanism | CVSS | Difficulty |
|----------|-----|----------|-----------|------|------------|
| 1 | [CVE-2021-44228](log4j/CVE-2021-44228/) | Apache Log4j | JNDI Injection (Log4Shell) | 10.0 | Medium |
| 2 | [CVE-2021-41773](apache-httpd/CVE-2021-41773/) | Apache HTTP Server | Path Traversal โ RCE | 9.8 | Easy |
| 3 | [CVE-2022-22965](spring/CVE-2022-22965/) | Spring Framework | Data Binding (Spring4Shell) | 9.8 | Medium |
| 4 | [CVE-2021-26084](confluence/CVE-2021-26084/) | Atlassian Confluence | OGNL Injection | 9.8 | Medium |
| 5 | [CVE-2022-26134](confluence/CVE-2022-26134/) | Atlassian Confluence | OGNL Injection | 9.8 | Medium |
| 6 | [CVE-2022-42889](text4shell/CVE-2022-42889/) | Apache Commons Text | Variable Interpolation (Text4Shell) | 9.8 | Medium |
| 7 | [CVE-2023-46604](activemq/CVE-2023-46604/) | Apache ActiveMQ | OpenWire RCE | 10.0 | Medium |
| 8 | [CVE-2023-22527](confluence/CVE-2023-22527/) | Atlassian Confluence | SSTI (FreeMarker) | 10.0 | Medium |
### LPE (Local Privilege Escalation)
| Priority | CVE | Software | Mechanism | CVSS | Difficulty |
|----------|-----|----------|-----------|------|------------|
| 9 | [CVE-2022-0847](linux-kernel/CVE-2022-0847/) | Linux Kernel | Dirty Pipe | 7.8 | Hard |
| 10 | [CVE-2021-4034](linux-kernel/CVE-2021-4034/) | Polkit (pkexec) | PwnKit | 7.8 | Medium |
### Auth Bypass
| Priority | CVE | Software | Mechanism | CVSS | Difficulty |
|----------|-----|----------|-----------|------|------------|
| 12 | [CVE-2024-1709](connectwise/CVE-2024-1709/) | ConnectWise ScreenConnect | Path Traversal Auth Bypass | 10.0 | Medium |
### Supply Chain
| Priority | CVE | Software | Mechanism | CVSS | Difficulty |
|----------|-----|----------|-----------|------|------------|
| 11 | [CVE-2024-3094](xz-utils/CVE-2024-3094/) | XZ Utils | Backdoor in liblzma | 10.0 | Hard |
---
## Repository Structure
```
CVE/
โโโ README.md
โโโ docs/
โ โโโ TEMPLATE.md # CVE analysis document template
โ โโโ setup.md # Docker environment setup guide
โ โโโ categories.md # Vulnerability type index
โโโ scripts/
โ โโโ up.sh # Start a specific CVE lab
โ โโโ cleanup.sh # Stop all running labs
โโโ log4j/CVE-2021-44228/
โโโ apache-httpd/CVE-2021-41773/
โโโ spring/CVE-2022-22965/
โโโ confluence/
โ โโโ CVE-2021-26084/
โ โโโ CVE-2022-26134/
โ โโโ CVE-2023-22527/
โโโ text4shell/CVE-2022-42889/
โโโ activemq/CVE-2023-46604/
โโโ linux-kernel/
โ โโโ CVE-2022-0847/
โ โโโ CVE-2021-4034/
โโโ xz-utils/CVE-2024-3094/
โโโ connectwise/CVE-2024-1709/
```
---
## Contributing
See [docs/TEMPLATE.md](docs/TEMPLATE.md) for the standard structure when adding a new CVE lab.