{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/vendors/nuclio/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Nuclio \u003c= 1.15.27"],"_cs_severities":["critical"],"_cs_tags":["remote-code-execution","kubernetes","cloud-native","command-injection","persistence","critical-vulnerability","ghsa"],"_cs_type":"advisory","_cs_vendors":["Nuclio"],"content_html":"\u003cp\u003eA critical vulnerability (GHSA-v5px-423j-pf7p, CWE-78) has been identified in the Nuclio controller, affecting all versions up to and including 1.15.27. This flaw stems from inadequate sanitization of user-provided input, specifically \u003ccode\u003eevent.headers\u003c/code\u003e keys and \u003ccode\u003eevent.body\u003c/code\u003e content within cron trigger specifications for NuclioFunctions. When the controller generates a Kubernetes CronJob, it constructs a \u003ccode\u003ecurl\u003c/code\u003e invocation string that incorporates these unsanitized values directly into a shell command executed by \u003ccode\u003e/bin/sh -c\u003c/code\u003e. Attackers can exploit this by injecting shell metacharacters - either by breaking the double-quote context in \u003ccode\u003eheaderKey\u003c/code\u003e or by using command substitution in \u003ccode\u003eevent.body\u003c/code\u003e - to execute arbitrary commands within the CronJob's container. These CronJobs typically run with root privileges and, notably, lack Kubernetes \u003ccode\u003eownerReferences\u003c/code\u003e, allowing them to persist indefinitely even if the original NuclioFunction is deleted, posing a significant risk for persistent remote code execution within the cluster.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker, with permissions to create or modify NuclioFunctions in the Kubernetes cluster, crafts a malicious NuclioFunction definition.\u003c/li\u003e\n\u003cli\u003eThe attacker includes a \u003ccode\u003ecron\u003c/code\u003e trigger with a specially crafted \u003ccode\u003eevent.headers\u003c/code\u003e key (e.g., \u003ccode\u003eX-Inject\u0026quot;; ARBITRARY_COMMAND; echo \u0026quot;\u003c/code\u003e) or a malicious \u003ccode\u003eevent.body\u003c/code\u003e (e.g., \u003ccode\u003e$(ARBITRARY_COMMAND)\u003c/code\u003e) within the function's specification.\u003c/li\u003e\n\u003cli\u003eThe Nuclio controller reconciles the malicious NuclioFunction, invoking \u003ccode\u003egenerateCronTriggerCronJobSpec\u003c/code\u003e to construct the internal \u003ccode\u003ecurl\u003c/code\u003e command string.\u003c/li\u003e\n\u003cli\u003eDuring command construction, the unsanitized \u003ccode\u003eheaderKey\u003c/code\u003e or \u003ccode\u003eeventBody\u003c/code\u003e is injected directly into the shell command argument passed to \u003ccode\u003e/bin/sh -c\u003c/code\u003e. For \u003ccode\u003eheaderKey\u003c/code\u003e, double quotes are improperly handled, allowing direct shell command injection; for \u003ccode\u003eeventBody\u003c/code\u003e, \u003ccode\u003estrconv.Quote\u003c/code\u003e fails to escape \u003ccode\u003e$(...)\u003c/code\u003e, enabling command substitution.\u003c/li\u003e\n\u003cli\u003eThe controller creates a Kubernetes CronJob resource with its container \u003ccode\u003eargs\u003c/code\u003e explicitly configured as \u003ccode\u003e/bin/sh -c \u0026lt;malicious_curlCommand\u0026gt;\u003c/code\u003e, where \u003ccode\u003emalicious_curlCommand\u003c/code\u003e now contains the injected arbitrary commands.\u003c/li\u003e\n\u003cli\u003eThe Kubernetes scheduler activates the CronJob, causing the CronJob pod to execute the \u003ccode\u003esh -c\u003c/code\u003e command, leading to the execution of arbitrary commands (e.g., \u003ccode\u003eid\u003c/code\u003e, \u003ccode\u003ecat /var/run/secrets/...\u003c/code\u003e) within the pod. These pods often run with root privileges.\u003c/li\u003e\n\u003cli\u003eThe created CronJob lacks Kubernetes \u003ccode\u003eownerReferences\u003c/code\u003e, allowing it to persist and continue executing its schedule indefinitely, even if the original NuclioFunction or its Deployment is subsequently removed.\u003c/li\u003e\n\u003cli\u003eThe attacker leverages this RCE to exfiltrate sensitive data (such as Kubernetes service account tokens), establish a persistent foothold, or further compromise the Kubernetes cluster.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability grants remote attackers persistent remote code execution within the target Kubernetes cluster, typically with root privileges. This allows for arbitrary command execution, sensitive data exfiltration (e.g., Kubernetes service account tokens), and potential for broader compromise of cluster resources. The lack of \u003ccode\u003eownerReferences\u003c/code\u003e on the created CronJobs means that even if a compromised NuclioFunction is deleted, the malicious CronJob can continue to run indefinitely, ensuring persistence for the attacker. The vulnerability carries a CVSS 3.1 score of 9.9 (Critical), indicating severe consequences for confidentiality, integrity, and availability of the affected system.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePatch CVE-XXXX-YYYY immediately\u003c/strong\u003e: Upgrade Nuclio to a patched version once available. Monitor official Nuclio channels for security updates addressing GHSA-v5px-423j-pf7p.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeploy the Sigma rules in this brief\u003c/strong\u003e: Implement the \u003ccode\u003eDetect Nuclio CronJob RCE via Header Key Injection\u003c/code\u003e and \u003ccode\u003eDetect Nuclio CronJob RCE via Body Command Substitution\u003c/code\u003e rules to identify attempts at exploiting this vulnerability at the Kubernetes API server audit log level.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReview Kubernetes audit logs\u003c/strong\u003e: Actively monitor for suspicious \u003ccode\u003ecreate\u003c/code\u003e, \u003ccode\u003eupdate\u003c/code\u003e, or \u003ccode\u003epatch\u003c/code\u003e events on \u003ccode\u003ebatch/v1/cronjobs\u003c/code\u003e resources, especially those originating from the Nuclio controller, for \u003ccode\u003eargs\u003c/code\u003e fields containing the patterns identified in the IOCs.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRestrict NuclioFunction deployment permissions\u003c/strong\u003e: Limit permissions to create or modify \u003ccode\u003eNuclioFunction\u003c/code\u003e resources to trusted administrators, reducing the attack surface for this vulnerability.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-08T20:26:14Z","date_published":"2026-07-08T20:26:14Z","id":"https://feed.craftedsignal.io/briefs/2026-07-nuclio-rce-ghsa/","summary":"The Nuclio controller improperly sanitizes user-controlled input (cron trigger event headers and body) before injecting it into `curl` commands executed by Kubernetes CronJobs, allowing remote attackers to perform command injection and achieve remote code execution (RCE) by breaking quoting contexts in header keys or utilizing shell command substitution in event bodies, leading to arbitrary command execution with root privileges and potential persistence within the Kubernetes cluster.","title":"Nuclio Controller Vulnerability Leads to Persistent Kubernetes RCE (GHSA-v5px-423j-pf7p)","url":"https://feed.craftedsignal.io/briefs/2026-07-nuclio-rce-ghsa/"}],"language":"en","title":"CraftedSignal Threat Feed - Nuclio","version":"https://jsonfeed.org/version/1.1"}