CVE-2026-45632

Dokploy · PaaS

A broken access control vulnerability in the Dokploy schedule router allows authenticated users to manage schedules belonging to other organizations, leading to RCE.

Executive summary

The Dokploy schedule router authenticates callers but does not authorize them: any authenticated user can create, modify or execute schedules that belong to other organizations on the same instance. Because schedules are scripts that Dokploy runs on its own host or on managed remote servers, this amounts to remote code execution on those systems.

Vulnerability

The schedule router checks that a caller is authenticated, but it neither verifies that the referenced schedule belongs to the caller's organization nor that the caller's role permits the requested operation. Any authenticated user who knows or obtains a schedule identifier can therefore create, modify and trigger schedules owned by any organization on the instance. Since a schedule is a script that Dokploy executes on its own host or on a managed remote server, controlling another tenant's schedule is equivalent to executing code on that tenant's infrastructure.
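The following is an added example, not Dokploy's code: a minimal model of a tRPC-style schedule procedure, first with only the authentication check and then with the two missing checks. The session and schedule field names, the role names and the error codes are assumptions made for the demonstration; the point is where the tenant and role checks sit relative to the record lookup.

```typescript
// Added example (not Dokploy's code). Field names, roles and error codes are
// assumptions; the store is an in-memory stand-in for the database.

type Role = "owner" | "admin" | "member";

interface Session {
  userId: string;
  organizationId: string; // organization the caller is currently acting in
  role: Role;
}

interface Schedule {
  scheduleId: string;
  organizationId: string; // tenant that owns the schedule
  name: string;
  command: string;        // script the scheduler runs on the host or a remote server
}

interface UpdateInput {
  scheduleId: string;
  command: string;
}

type ScheduleStore = Map<string, Schedule>;

// Constructed fixture: two tenants, one schedule each.
export function createStore(): ScheduleStore {
  return new Map<string, Schedule>([
    ["sched-a1", { scheduleId: "sched-a1", organizationId: "org-a", name: "nightly-backup", command: "/opt/backup.sh" }],
    ["sched-b1", { scheduleId: "sched-b1", organizationId: "org-b", name: "rotate-logs", command: "/opt/rotate.sh" }],
  ]);
}

// VULNERABLE: only authentication is checked. The scheduleId comes straight
// from the request and is never compared with the caller's organization, so a
// member of org-b can rewrite the command that org-a's server will execute.
export function updateScheduleVulnerable(store: ScheduleStore, ctx: Session, input: UpdateInput): Schedule {
  if (!ctx.userId) throw new Error("UNAUTHORIZED");
  const schedule = store.get(input.scheduleId);
  if (!schedule) throw new Error("NOT_FOUND");
  schedule.command = input.command;
  return schedule;
}

// HARDENED: authorize against the stored record, not against the request.
// Tenant check first: a foreign scheduleId is answered with NOT_FOUND so the
// endpoint does not confirm that a guessed identifier exists. Role check second.
const rolesAllowedToEdit: ReadonlySet<Role> = new Set<Role>(["owner", "admin"]);

export function updateScheduleSecure(store: ScheduleStore, ctx: Session, input: UpdateInput): Schedule {
  if (!ctx.userId) throw new Error("UNAUTHORIZED");
  const schedule = store.get(input.scheduleId);
  if (!schedule || schedule.organizationId !== ctx.organizationId) {
    throw new Error("NOT_FOUND");
  }
  if (!rolesAllowedToEdit.has(ctx.role)) throw new Error("FORBIDDEN");
  schedule.command = input.command;
  return schedule;
}

// Returns the error code a call throws, or null if it succeeds.
export function errorCode(fn: () => unknown): string | null {
  try { fn(); return null; } catch (e) { return (e as Error).message; }
}

// Demo: an ordinary member of org-b targets org-a's schedule through both procedures.
export function runDemo(): { vulnerableCommand: string; secureError: string | null } {
  const attacker: Session = { userId: "u-eve", organizationId: "org-b", role: "member" };
  const payload: UpdateInput = { scheduleId: "sched-a1", command: "echo compromised > /tmp/marker" };

  const s1 = createStore();
  updateScheduleVulnerable(s1, attacker, payload);            // succeeds: cross-tenant write
  const vulnerableCommand = s1.get("sched-a1")!.command;

  const s2 = createStore();
  const secureError = errorCode(() => updateScheduleSecure(s2, attacker, payload)); // "NOT_FOUND"

  return { vulnerableCommand, secureError };
}

console.log(runDemo());
```

The same pattern applies to every procedure in the router (create, list, run, delete): resolve the record, compare its organization with the session's, then check the role. A check on the client, or a check that the user merely belongs to some organization, does not close the hole.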

Business impact

Rated CVSS 9.9 (Critical). On a multi-tenant Dokploy instance the trust boundary between organizations is effectively removed: the lowest-privileged account in any organization is enough to gain Remote Code Execution (RCE) on the central Dokploy host and on every managed target server of every other organization.

Remediation

Immediate Action: Update to the latest version of Dokploy.

Proactive Monitoring: Review audit logs for schedule creations, modifications or executions performed by accounts that are not members of the owning organization. Do not treat schedule identifiers as secrets: they are not a security boundary, and knowing one was the only precondition an authenticated attacker needed.

Compensating Controls: Until the instance is patched, reduce who can authenticate at all (network restrictions, SSO and strict identity and access management policies), and admit only known members of the hosted organizations. Note that the missing role check also matters within a single organization: a low-privileged member can manage schedules that only administrators should control, so restricting sign-up alone does not remove the exposure.

Exploitation status

Public Exploit Available: None

Analyst recommendation

Immediate patching is required; no configuration change restores the missing authorization checks. After patching, administrators should review every existing schedule on the instance, not only their own organization's, comparing each schedule's creator against the owning organization's membership, and should inspect schedule execution history for the exposure window, since a malicious schedule may already have run before it was noticed.
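As an added example of the review described above (not Dokploy's own tooling), the following flags schedules whose creator never belonged to the owning organization and audit events in which the actor is not a member of the target schedule's organization. The record and event shapes and the fixture data are constructed for the demonstration; map the fields of your actual database export and audit logs onto them before use.

```typescript
// Added example (not Dokploy's code). Record shapes and fixture data are
// constructed; adapt the field mapping to your own export and logs.

interface Membership { userId: string; organizationId: string; }

interface ScheduleRecord {
  scheduleId: string;
  organizationId: string; // owning tenant
  createdBy: string;      // user that created the schedule
  createdAt: string;      // ISO-8601 UTC
  command: string;
}

type ScheduleAction = "schedule.create" | "schedule.update" | "schedule.run" | "schedule.delete";

interface AuditEvent {
  at: string;             // ISO-8601 UTC
  actorId: string;
  action: ScheduleAction;
  scheduleId: string;
}

export interface Finding { scheduleId: string; actorId: string; at: string; reason: string; }

function isMember(members: Membership[], userId: string, organizationId: string): boolean {
  return members.some(m => m.userId === userId && m.organizationId === organizationId);
}

// Schedules created by someone who is not a member of the owning organization.
// Caveat: this uses the current membership snapshot, so a legitimate creator
// who has since left the organization is also reported and needs manual confirmation.
export function reviewSchedules(schedules: ScheduleRecord[], members: Membership[]): Finding[] {
  return schedules
    .filter(s => !isMember(members, s.createdBy, s.organizationId))
    .map(s => ({ scheduleId: s.scheduleId, actorId: s.createdBy, at: s.createdAt,
                 reason: `created by non-member of ${s.organizationId}` }));
}

// Events at or after `since` (lexical comparison is valid for same-format UTC
// timestamps) whose actor is not a member of the target schedule's organization.
// Events against schedules absent from the export (deleted?) are reported too,
// because ownership can no longer be checked for them.
export function reviewAuditEvents(events: AuditEvent[], schedules: ScheduleRecord[],
                                  members: Membership[], since: string): Finding[] {
  const byId = new Map<string, ScheduleRecord>(schedules.map((s): [string, ScheduleRecord] => [s.scheduleId, s]));
  const findings: Finding[] = [];
  for (const e of events) {
    if (e.at < since) continue;
    const target = byId.get(e.scheduleId);
    if (!target) {
      findings.push({ scheduleId: e.scheduleId, actorId: e.actorId, at: e.at,
                      reason: `${e.action} on schedule not present in export (deleted?)` });
      continue;
    }
    if (!isMember(members, e.actorId, target.organizationId)) {
      findings.push({ scheduleId: e.scheduleId, actorId: e.actorId, at: e.at,
                      reason: `${e.action} by non-member of ${target.organizationId}` });
    }
  }
  return findings;
}

// Constructed fixture: org-a has two members, org-b has one; u-eve (org-b) has
// touched org-a's schedules and created one of her own there.
export const members: Membership[] = [
  { userId: "u-alice", organizationId: "org-a" },
  { userId: "u-bob",   organizationId: "org-a" },
  { userId: "u-eve",   organizationId: "org-b" },
];
export const schedules: ScheduleRecord[] = [
  { scheduleId: "sched-a1", organizationId: "org-a", createdBy: "u-alice", createdAt: "2026-01-10T08:00:00Z", command: "/opt/backup.sh" },
  { scheduleId: "sched-a2", organizationId: "org-a", createdBy: "u-eve",   createdAt: "2026-03-02T09:16:00Z", command: "/opt/backup.sh; echo marker" },
  { scheduleId: "sched-b1", organizationId: "org-b", createdBy: "u-eve",   createdAt: "2026-01-12T08:00:00Z", command: "/opt/rotate.sh" },
];
export const events: AuditEvent[] = [
  { at: "2026-02-01T00:00:00Z", actorId: "u-eve",   action: "schedule.update", scheduleId: "sched-a1" }, // before window
  { at: "2026-03-01T02:00:00Z", actorId: "u-alice", action: "schedule.run",    scheduleId: "sched-a1" }, // legitimate
  { at: "2026-03-02T09:15:00Z", actorId: "u-eve",   action: "schedule.update", scheduleId: "sched-a1" },
  { at: "2026-03-02T09:16:00Z", actorId: "u-eve",   action: "schedule.create", scheduleId: "sched-a2" },
  { at: "2026-03-02T09:17:00Z", actorId: "u-eve",   action: "schedule.run",    scheduleId: "sched-a2" },
  { at: "2026-03-02T10:00:00Z", actorId: "u-bob",   action: "schedule.delete", scheduleId: "sched-a3" }, // no longer in export
];

console.log(reviewSchedules(schedules, members));
console.log(reviewAuditEvents(events, schedules, members, "2026-03-01T00:00:00Z"));
```

Set `since` to the earliest point at which the vulnerable version could have been reachable on your instance, and treat every "schedule.run" finding as a possible compromise of the target server rather than as a configuration issue.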