Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
2753Big Bugs: Bitbucket Pipelines Kata Containers Build Container Escape RCE NA Alex Chapman (@ajxchapman) Bug Bounty2021-02-282023-06-13
2747GKE Autopilot Node Compromise via local-storage PersistentVolume Container escape Google Anthony Weems Bug Bounty2021-03-012023-06-13
2739GKE Autopilot Node Compromise via startup-script Container escape Google Anthony Weems Bug Bounty2021-03-052023-06-13
2738GKE Autopilot Node Compromise via SSH Metadata Container escape Google Anthony Weems Bug Bounty2021-03-052023-06-13
2678GKE Autopilot Node Compromise via Race Condition Container escape Google Anthony Weems Bug Bounty2021-04-012023-06-13
2516runc mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs (CVE-2021-30465) Kubernetes Container escape Google Etienne Champetier / champtar Bug Bounty2021-05-302023-06-13
2235Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances Container takeover Container escape Privilege escalation Cloud Microsoft Unit 42 (@Unit42_Intel) Bug Bounty2021-09-092023-06-13
1890CVE-2022-0185 - Winning a $31337 Bounty after Pwning Ubuntu and Escaping Google%27s KCTF Containers Container escape Kubernetes bug Google Crusaders of Rust (@cor_ctf) Bug Bounty2022-01-252023-06-13
1756Container Escape to Shadow Admin: GKE Autopilot Vulnerabilities Privilege escalation Container escape Kubernetes Google Unit 42 (@Unit42_Intel) Bug Bounty2022-03-082023-06-13
1610AWS%27s Log4Shell Hot Patch Vulnerable to Container Escape and Privilege Escalation Privilege escalation Container escape AWS Unit 42 (@Unit42_Intel) Bug Bounty2022-04-192023-06-13
1571Cloudflare Pages, part 1: The fellowship of the secret Command injection Container escape Bash Path injection RCE Local Privilege Escalation Information disclosure Cloudflare Sean Yeoh (@seanyeoh) Bug Bounty2022-05-062023-06-13
1419FabricScape: Escaping Service Fabric and Taking Over the Cluster Container escape Local Privilege Escalation Cross-tenant vulnerability Microsoft Unit 42 (@Unit42_Intel) Bug Bounty2022-06-282023-06-13
1278Symlinks as mount portals: Abusing container mount points on MikroTik%27s RouterOS to gain code execution Container escape Local Privilege Escalation MikroTik nns Bug Bounty2022-08-052023-06-13
1058Securing Developer Tools: OneDev Remote Code Execution RCE SSRF Broken Access Control Container escape OneDev Paul Gerste Bug Bounty2022-09-202023-06-13
1046Exploiting Distroless Images Command injection Arbitrary file read Arbitrary file write Container escape Google Daniel Teixeira (@TheRedOperator) Bug Bounty2022-09-222023-06-13
419Taking over “Google Cloud Shell” by utilizing capabilities and Kubelet Container escape RCE Kubernetes NA Chen Shiri (@ChenShiri73) Bug Bounty2023-02-212023-06-13
270Escalating Privileges with Azure Function Apps Privilege escalation Cloud Container escape RCE Microsoft (Azure) Karl Fosaaen (@kfosaaen) Bug Bounty2023-03-232023-06-13
182#BrokenSesame: Accidental write’ permissions to private registry allowed potential RCE to Alibaba Cloud Database Services Cloud RCE Container escape Kubernetes Privilege escalation Lateral movement Supply chain attack Cross-tenant vulnerability Alibaba Ronen Shustin (@ronenshh) Bug Bounty2023-04-192023-06-13
64Red team: Journey from RCE to have total control of cloud infrastructure RCE SSTI Container escape Kubernetes Components with known vulnerabilities CI/CD NA Quang Vo (@mr_r3bot) Bug Bounty2023-05-222023-06-13
30AWS Chain Attack- Thousands of Vulnerable EKS Clusters AWS Kubernetes EKS Container escape Security misconfiguration NA Chen Shiri (@ChenShiri73) Bug Bounty2023-06-042023-06-13