CVE-2026-26216

Crawl4AI · Docker API deployment

Crawl4AI versions prior to 0.8.0 allow unauthenticated remote code execution via the `/crawl` endpoint by exploiting the `hooks` parameter to import arbitrary Python modules.

Executive summary

An unauthenticated remote code execution vulnerability in Crawl4AI's Docker API allows attackers to achieve full server compromise, including data exfiltration and lateral movement.

Vulnerability

The `/crawl` endpoint accepts a `hooks` parameter containing Python code that is executed via `exec()`. Because the `__import__` builtin was not restricted, unauthenticated attackers can import arbitrary modules and execute system commands on the host.
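The flaw class described above, as an added illustration that is not Crawl4AI's own code (the function names and the hook registry are assumptions): `exec()` of client-supplied hook text with the default builtins lets an `import` statement load any module, a builtins table without `__import__` closes that one path, and an operator-controlled allow-list never executes client text at all.

```python
# Added illustration of the flaw class in this advisory; not Crawl4AI's code.
# Function names, HOOK_REGISTRY and the sample hook are constructed here.
import math
from typing import Callable, Dict

# Constructed sample "hook" as a client might send it. It imports a harmless
# module; with default builtins, any module the process can reach would do.
HOOK_CODE = "import math\nresult = math.sqrt(16)"


def run_hook_unrestricted(code: str) -> object:
    """Vulnerable pattern: exec() with plain globals. The interpreter fills in
    __builtins__, including __import__, so an import statement in the hook
    loads whatever the caller names."""
    scope: Dict[str, object] = {}
    exec(code, scope)  # the weak pattern, kept deliberately for contrast
    return scope.get("result")


def run_hook_no_import(code: str) -> object:
    """Partial mitigation: supply a builtins table that lacks __import__.
    The import statement now fails with ImportError, closing the exact path
    named in the advisory. This is not a sandbox: CPython offers no safe way
    to exec untrusted source, so treat it as defence in depth only."""
    safe_builtins = {"len": len, "min": min, "max": max}
    scope: Dict[str, object] = {"__builtins__": safe_builtins}
    exec(code, scope)
    return scope.get("result")


# Recommended design: hooks are server-side callables registered by the
# operator; clients may only choose one by name. No client text is executed.
HOOK_REGISTRY: Dict[str, Callable[..., object]] = {
    "sqrt": math.sqrt,
}


def run_hook_by_name(name: str, *args: object) -> object:
    """Look the hook up in the allow-list; unknown names are rejected."""
    hook = HOOK_REGISTRY.get(name)
    if hook is None:
        raise ValueError(f"unknown hook {name!r}")
    return hook(*args)


if __name__ == "__main__":
    print(run_hook_unrestricted(HOOK_CODE))  # 4.0: the import succeeded
    try:
        run_hook_no_import(HOOK_CODE)
    except ImportError as exc:
        print("blocked:", exc)
    print(run_hook_by_name("sqrt", 16))  # 4.0 without executing client text
```

The middle function shows why "restrict `__import__`" is only a narrow fix: it stops the `import` statement but leaves `exec()` of untrusted text in place. The registry pattern is the design a review should push for, since the server then decides what code runs and the client supplies only a name.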

Business impact

This vulnerability carries a CVSS score of 10, the highest possible severity. Successful exploitation allows for complete system takeover, sensitive data theft, and the ability for attackers to pivot into internal networks, resulting in catastrophic operational and financial damage.

Remediation

Immediate Action: Update the Crawl4AI Docker API deployment to version 0.8.0 or later, which removes the vulnerable code execution path.

Proactive Monitoring: Review API logs for requests to the `/crawl` endpoint that include suspicious Python code or attempts to use the `hooks` parameter.
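One way to implement the log review just recommended, as an added example that is not part of this advisory or of Crawl4AI: it assumes a reverse proxy or API gateway writes one JSON object per request with the request body included (the field names `ts`, `src`, `method`, `path` and `body` are assumptions), flags any `/crawl` request that carries a `hooks` parameter, and raises the severity when the hook text references `import` or `__import__`.

```python
# Added detection example for the advisory's monitoring recommendation;
# not Crawl4AI's code. Log format and field names are assumptions.
import json
import re
from typing import Dict, List, Optional

# Constructed sample log lines (documentation IP ranges). Line 3 carries a
# hooks value that references __import__; line 4 carries a benign-looking hook.
SAMPLE_LOG = """\
{"ts":"2026-01-10T09:00:01Z","src":"10.0.0.5","method":"POST","path":"/crawl","body":"{\\"urls\\":[\\"https://example.com\\"]}"}
{"ts":"2026-01-10T09:00:02Z","src":"10.0.0.5","method":"GET","path":"/health","body":""}
{"ts":"2026-01-10T09:00:03Z","src":"203.0.113.7","method":"POST","path":"/crawl","body":"{\\"urls\\":[\\"https://example.com\\"],\\"hooks\\":{\\"on_page\\":\\"__import__('sys')\\"}}"}
{"ts":"2026-01-10T09:00:04Z","src":"198.51.100.9","method":"POST","path":"/crawl","body":"{\\"urls\\":[\\"https://example.com\\"],\\"hooks\\":{\\"on_page\\":\\"return page.title\\"}}"}
"""

# Matches an `import` statement or a direct __import__ reference.
IMPORT_RE = re.compile(r"(?:^|[^\w])import\b|__import__")


def classify(entry: Dict[str, str]) -> Optional[Dict[str, str]]:
    """Return a finding for one log entry, or None if it is not of interest."""
    if entry.get("path") != "/crawl":
        return None
    try:
        body = json.loads(entry.get("body") or "{}")
    except json.JSONDecodeError:
        # A body the gateway could not parse still reached the endpoint.
        return {"ts": entry["ts"], "src": entry["src"], "severity": "medium",
                "reason": "unparseable /crawl body"}
    hooks = body.get("hooks") if isinstance(body, dict) else None
    if not hooks:
        return None
    # hooks may be a mapping of event name -> code, or a bare string.
    values = hooks.values() if isinstance(hooks, dict) else [hooks]
    code = " ".join(str(v) for v in values)
    if IMPORT_RE.search(code):
        return {"ts": entry["ts"], "src": entry["src"], "severity": "high",
                "reason": "hooks code references import"}
    return {"ts": entry["ts"], "src": entry["src"], "severity": "medium",
            "reason": "hooks parameter present"}


def scan(log_text: str) -> List[Dict[str, str]]:
    """Scan newline-delimited JSON log text and collect findings in order."""
    findings: List[Dict[str, str]] = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        finding = classify(json.loads(line))
        if finding is not None:
            findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f['ts']} {f['src']:<14} {f['severity']:<6} {f['reason']}")
```

On an unpatched deployment every `hooks` usage deserves a look, which is why the example reports a medium finding even when no import keyword appears; after upgrading to 0.8.0 the same query still shows who probed the endpoint while it was exposed.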

Compensating Controls: Place the Docker API behind a Web Application Firewall (WAF) with rules designed to block Python-style injection and restrict API access to authenticated users only.

Exploitation status

Public Exploit Available: false

Analyst recommendation

A CVSS 10.0 vulnerability requires immediate, out-of-band patching. Organizations must ensure that no Crawl4AI instances are exposed to the public internet without authentication and that all instances are updated to version 0.8.0 or higher.