kubernetes-pods-api: Kubernetes Pods - API Discovery & Remote Code Execution

Date: 2025-09-01 | Affected software: kubernetes-pods-api | PoC: public

Vulnerability description

A Kubernetes Pods API was discovered. When the service port is available, unauthenticated users can execute commands inside the container.

PoC code [public]

id: kubernetes-pods-api

info:
  name: Kubernetes Pods - API Discovery & Remote Code Execution
  author: ilovebinbash,geeknik,0xtavian
  severity: critical
  description: |-
    A Kubernetes Pods API was discovered. When the service port is available, unauthenticated users can execute commands inside the container.
  reference:
    - https://github.com/officialhocc/Kubernetes-Kubelet-RCE
    - https://blog.binaryedge.io/2018/12/06/kubernetes-being-hijacked-worldwide/
  tags: k8,unauth,kubernetes,devops,misconfig
  created: 2025/07/14

rules:
  r0:
    request:
      method: GET
      path: /pods
    expression: response.status == 200 && response.headers["content-type"].contains("application/json") && response.body.bcontains(b'apiVersion')
  r1:
    request:
      method: GET
      path: /api/v1/pods
    expression: response.status == 200 && response.headers["content-type"].contains("application/json") && response.body.bcontains(b'apiVersion')
expression: r0() || r1()
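
Hardening for the exposure this template detects, as an added example that is not part of the original entry or of the template authors' work. It assumes the `/pods` endpoint matched by rule `r0` is the kubelet API, as the first reference suggests; the CA file path is an assumed location and must be adjusted per node.

```yaml
# KubeletConfiguration (added example): closes unauthenticated access to the
# kubelet API, including /pods and the exec/run endpoints behind it.
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration

authentication:
  anonymous:
    # Weak setting: "enabled: true" lets requests without credentials
    # through as system:anonymous.
    enabled: false
  webhook:
    # Validate bearer tokens against the API server (TokenReview).
    enabled: true
  x509:
    # Assumed path: CA bundle used to verify client certificates.
    clientCAFile: /etc/kubernetes/pki/ca.crt

authorization:
  # Weak setting: "mode: AlwaysAllow" authorizes every request that gets
  # past authentication. Webhook delegates the decision to the API server
  # (SubjectAccessReview), so RBAC applies to kubelet requests.
  mode: Webhook

# Disable the legacy unauthenticated read-only port, which also serves /pods.
readOnlyPort: 0
```

After the kubelet restarts with this configuration, a request to `/pods` without credentials is rejected with `401 Unauthorized` instead of returning the JSON pod list that rule `r0` matches.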