Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
3725In Cloud we “Trust”: Wrong Kubernetes implementation by Google Cloud Platform & Microsoft Azure affecting customers Old components with known vulnerabilities Microsoft Google Chen Cohen (@chencococococo) Bug Bounty2020-01-122023-06-13
3430When it’s not only about a Kubernetes CVE… SSRF Microsoft Reever Zax (@ReeverZax) Bug Bounty2020-06-022023-06-13
2800I Own your Cloud Shell: Taking over “Azure Cloud Shell” Kubernetes Cluster Through Unsecured Kubelet API 30,000$ Bounty Privilege escalation RCE Microsoft Chen Cohen (@chencococococo) Bug Bounty2021-02-152023-06-13
2760Host MITM attack via IPv6 rogue router advertisements (K8S CVE-2020-10749 / Docker CVE-2020-13401 / LXD / WSL2 / ...) MiTM Kubernetes Etienne Champetier / champtar Bug Bounty2021-02-282023-06-13
2759Kubernetes man in the middle using LoadBalancer or ExternalIPs (CVE-2020-8554) MiTM Kubernetes Etienne Champetier / champtar Bug Bounty2021-02-282023-06-13
2517Metadata service MITM allows root privilege escalation (EKS / GKE) Kubernetes Privilege escalation MiTM Google Etienne Champetier / champtar Bug Bounty2021-05-302023-06-13
2516runc mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs (CVE-2021-30465) Kubernetes Container escape Google Etienne Champetier / champtar Bug Bounty2021-05-302023-06-13
2338CVE-2021-25738 RCE Kubernetes Jordy Versmissen / J0VSEC (@j0v0x0) Bug Bounty2021-08-072023-06-13
2031Exploring Container Security: A Storage Vulnerability Deep Dive Race condition Kubernetes Kubernetes Fabricio Voznika Bug Bounty2021-12-022023-06-13
1890CVE-2022-0185 - Winning a $31337 Bounty after Pwning Ubuntu and Escaping Google%27s KCTF Containers Container escape Kubernetes bug Google Crusaders of Rust (@cor_ctf) Bug Bounty2022-01-252023-06-13
1856Malicious Kubernetes Helm Charts can be used to steal sensitive information from Argo CD deployments Supply chain attack CI/CD Argo CD Apiiro’s Security Research Bug Bounty2022-02-032023-06-13
1756Container Escape to Shadow Admin: GKE Autopilot Vulnerabilities Privilege escalation Container escape Kubernetes Google Unit 42 (@Unit42_Intel) Bug Bounty2022-03-082023-06-13
1548Kubernetes Privilege Escalation: Excessive Permissions in Popular Platforms Privilege escalation Broken Access Control Kubernetes Google AWS Microsoft Red Hat Yuval Avrahami (@yuval_avrahami) Bug Bounty2022-05-172023-06-13
1511External Authentication bypass in ingress-nginx Path traversal Authentication bypass Kubernetes Niemiec Marcin (@xvnpw) Bug Bounty2022-05-292023-06-13
1383Exploiting Authentication in AWS IAM Authenticator for Kubernetes Authentication flaw Privilege escalation AWS Gafnit Amiga (@gafnitav) Bug Bounty2022-07-112023-06-13
419Taking over “Google Cloud Shell” by utilizing capabilities and Kubelet Container escape RCE Kubernetes NA Chen Shiri (@ChenShiri73) Bug Bounty2023-02-212023-06-13
182#BrokenSesame: Accidental write’ permissions to private registry allowed potential RCE to Alibaba Cloud Database Services Cloud RCE Container escape Kubernetes Privilege escalation Lateral movement Supply chain attack Cross-tenant vulnerability Alibaba Ronen Shustin (@ronenshh) Bug Bounty2023-04-192023-06-13
97Container security: Infecting images to establish backdoors Container security Kubernetes NA Emilien Socchi (@emiliensocchi) Bug Bounty2023-05-122023-06-13
64Red team: Journey from RCE to have total control of cloud infrastructure RCE SSTI Container escape Kubernetes Components with known vulnerabilities CI/CD NA Quang Vo (@mr_r3bot) Bug Bounty2023-05-222023-06-13
30AWS Chain Attack- Thousands of Vulnerable EKS Clusters AWS Kubernetes EKS Container escape Security misconfiguration NA Chen Shiri (@ChenShiri73) Bug Bounty2023-06-042023-06-13