kubernetes-pods-api: Kubernetes Pods - API Discovery & Remote Code Execution

日期: 2025-08-01 | 影响软件: Kubernetes Pods | POC: 已公开

漏洞描述

A Kubernetes Pods API was discovered. When the service port is available, unauthenticated users can execute commands inside the container.

PoC代码[已公开]

id: kubernetes-pods-api

info:
  name: Kubernetes Pods - API Discovery & Remote Code Execution
  author: ilovebinbash,geeknik,0xtavian
  severity: critical
  description: A Kubernetes Pods API was discovered. When the service port is available, unauthenticated users can execute commands inside the container.
  reference:
    - https://github.com/officialhocc/Kubernetes-Kubelet-RCE
    - https://blog.binaryedge.io/2018/12/06/kubernetes-being-hijacked-worldwide/
  metadata:
    max-request: 2
  tags: k8,unauth,kubernetes,devops,misconfig,vuln

http:
  - method: GET
    path:
      - '{{BaseURL}}/pods'
      - '{{BaseURL}}/api/v1/pods'

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "apiVersion"

      - type: word
        words:
          - "application/json"
        part: header

      - type: status
        status:
          - 200
# digest: 490a0046304402200d55d7a16c688159ec9769df4b49488fbb2d7a71d41543582fa45e75e6aef08702206491d6104cc1a2d1516c11a22d332da7e5a44ca049f5991f9d58ed5378084e51:922c64590222798bb761d5b6d8e72950

来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/misconfiguration/kubernetes/kubernetes-pods-api.yaml

漏洞描述

PoC代码[已公开]

相关漏洞推荐