Anmol Singh Rajput

Researcher from Cortex Security Research
#29704 of 53,633
8.8 Total CVSS
Vulnerabilities · 1
PT-2026-4632
8.8
2026-01-24
Digitalocean · Digitalocean Droplet Agent · CVE-2026-24516
**Name of the Vulnerable Software and Affected Versions**

DigitalOcean Droplet Agent versions through 1.3.2

**Description**

A command injection issue exists due to inadequate input validation when processing metadata from the metadata service endpoint. Specifically, the troubleshooting actioner component does not properly sanitize commands specified in the TroubleshootingAgent.Requesting array after the "command:" prefix. This allows an attacker controlling metadata responses to inject and execute arbitrary OS commands with root privileges. The attack is initiated by sending a crafted TCP packet to the SSH port, causing the agent to retrieve metadata from http://169.254.169.254/metadata/v1.json. The vulnerable code is located in internal/troubleshooting/actioner/actioner.go (insufficient validation), internal/troubleshooting/command/exec.go (direct exec.CommandContext call), and internal/troubleshooting/command/command.go (command parsing without sanitization). This could result in complete system compromise, data exfiltration, and privilege escalation.

**Recommendations**

Versions prior to 1.3.3 should be updated.