r1cksec

This post describes how to execute code on every Pod in many Kubernetes clusters when using a service account with nodes/proxy GET permissions

https://grahamhelton.com/blog/nodes-proxy-rce

#infosec #cybersecurity #redteam #pentest

Kubernetes Remote Code Execution Via Nodes/Proxy GET Permission

An authorization bypass in Kubernetes RBAC allows for nodes/proxy GET permissions to execute commands in any Pod in the cluster.

Graham Helton
Feb 22 at 9:21amWeb