HTB Kobold Complete Writeup — CVE-2026-23744 MCP Inspector RCE & Docker Escape

A comprehensive penetration testing guide exploiting an unauthenticated MCP Inspector remote code execution vulnerability and Docker group misconfiguration to achieve full root compromise.

March 30, 2026 • views • 14 min read • 1,881 words

Havoc

hackthebox 19 htb 23 linux 7 cve-2026-23744 mcp-inspector mcpjam unauthenticated-rce remote-code-execution 2 subdomain-enumeration ffuf 3 virtual-host-routing reverse-shell 3 tty-upgrade docker-escape docker-group volume-mount privilege-escalation 10 newgrp chroot nmap 5 privatebin nginx season10 3 easy-difficulty

🔒 Content Locked

This writeup is password-protected to comply with HTB rules.

📧 Need access? Enter the password.

HTB Kobold Complete Writeup — CVE-2026-23744 MCP Inspector RCE & Docker Escape

🔒 Content Locked

☕ Support My Work

Comments

🔒 Content Locked

☕ Support My Work

Related Articles

HTB DevArea Complete Writeup - CVE-2022-46364 Apache CXF LFI & HoverFly RCE

HTB VariaType Complete Writeup — CVE-2025-66034 & Font Exploitation

CCTV HackTheBox Writeup — Season 10 Linux Machine Walkthrough

Conversor Hack The Box Writeup & Walkthrough (XSLT Injection, Linux PrivEsc)

Comments