{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/vendors/opencost/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["OpenCost: All versions"],"_cs_severities":["high"],"_cs_tags":["opencost","kubernetes","cloud","gcp","vulnerability","unauthenticated-access","file-write"],"_cs_type":"advisory","_cs_vendors":["OpenCost"],"content_html":"\u003cp\u003eOpenCost, an open-source project for Kubernetes cost monitoring, is affected by an unauthenticated file write vulnerability (GHSA-wmj8-9953-vff5) in its \u003ccode\u003e/serviceKey\u003c/code\u003e endpoint. This flaw permits remote attackers to overwrite the \u003ccode\u003ekey.json\u003c/code\u003e file, which typically stores Google Cloud Platform (GCP) service account credentials, without any form of authentication or input validation. The vulnerability resides within the \u003ccode\u003eAddServiceKey\u003c/code\u003e function in \u003ccode\u003epkg/costmodel/router.go\u003c/code\u003e, where user-supplied content from a POST request's \u003ccode\u003ekey\u003c/code\u003e parameter is directly written to the file system. This allows attackers to inject invalid data, causing service disruption by breaking GCP integrations, or to replace legitimate credentials with attacker-controlled ones, facilitating credential theft and potential privilege escalation within the targeted Kubernetes cluster or associated GCP environment. Additionally, an overly permissive CORS header (\u003ccode\u003eAccess-Control-Allow-Origin: *\u003c/code\u003e) in the affected endpoint further enables cross-origin attacks if the OpenCost instance is exposed to a web browser. All versions of OpenCost up to and including the latest release are affected.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker identifies a network-accessible OpenCost instance running a vulnerable version. This could be through a public ingress, NodePort exposure, or internal network access.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts an HTTP POST request targeting the \u003ccode\u003e/serviceKey\u003c/code\u003e endpoint of the OpenCost service (e.g., \u003ccode\u003ehttp://opencost.opencost.svc.cluster.local:9003/serviceKey\u003c/code\u003e or \u003ccode\u003ehttp://localhost:9003/serviceKey\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eThe request includes a \u003ccode\u003ekey\u003c/code\u003e parameter within the request body, containing malicious data such as malformed JSON, an empty string, or attacker-controlled valid GCP service account credentials.\u003c/li\u003e\n\u003cli\u003eThe vulnerable \u003ccode\u003eAddServiceKey\u003c/code\u003e function in OpenCost's \u003ccode\u003epkg/costmodel/router.go\u003c/code\u003e receives the unauthenticated request.\u003c/li\u003e\n\u003cli\u003eLacking any authentication or input validation, OpenCost extracts the value from the \u003ccode\u003ekey\u003c/code\u003e parameter.\u003c/li\u003e\n\u003cli\u003eThe extracted content is directly written to the \u003ccode\u003ekey.json\u003c/code\u003e file located in the \u003ccode\u003eCONFIG_PATH\u003c/code\u003e directory (which defaults to \u003ccode\u003e/var/configs\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eThe existing \u003ccode\u003ekey.json\u003c/code\u003e file is overwritten with the attacker-supplied malicious content, compromising the integrity or confidentiality of the GCP service account key.\u003c/li\u003e\n\u003cli\u003eSubsequent attempts by OpenCost to interact with GCP APIs will either fail due to invalid credentials, causing service disruption, or connect to an attacker-controlled GCP project, enabling data exfiltration or unauthorized actions.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe unauthorized file write vulnerability in OpenCost can lead to severe consequences across multiple dimensions. If an attacker injects invalid JSON or malformed credentials into \u003ccode\u003ekey.json\u003c/code\u003e, OpenCost's ability to communicate with the GCP Billing API will cease, resulting in a disruption of cost monitoring and FinOps processes. This directly impacts an organization's ability to track and manage cloud expenditures. More critically, an attacker can inject their own GCP service account credentials, leading to sensitive data leakage. This includes the organization's cloud resource usage patterns, detailed cost breakdowns per namespace, and overall business intelligence regarding infrastructure scale and technology adoption. Such information could be highly valuable to competitors or for reconnaissance in future attacks. While the attacker cannot control the file path or name, the ability to fully control the \u003ccode\u003ekey.json\u003c/code\u003e content without authentication poses a significant risk. For improperly exposed instances, the permissive CORS configuration enables cross-origin attacks, allowing malicious websites to initiate attacks from a victim's browser without their awareness.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect OpenCost ServiceKey Unauthorized File Write Attempt\u003c/code\u003e to your SIEM to alert on suspicious unauthenticated POST requests to the \u003ccode\u003e/serviceKey\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eMonitor \u003ccode\u003ewebserver\u003c/code\u003e logs for HTTP POST requests directed at the \u003ccode\u003e/serviceKey\u003c/code\u003e endpoint, especially those originating from unexpected IP addresses or lacking proper authentication headers.\u003c/li\u003e\n\u003cli\u003eRestrict network access to the OpenCost service endpoint \u003ccode\u003e/serviceKey\u003c/code\u003e through firewall rules, network policies, or API gateways to prevent unauthenticated external access.\u003c/li\u003e\n\u003cli\u003eIf possible, implement an authentication layer (e.g., API key, OAuth, OIDC) for the \u003ccode\u003e/serviceKey\u003c/code\u003e endpoint, as recommended by the OpenCost maintainers' remediation guidance.\u003c/li\u003e\n\u003cli\u003eEnsure strong input validation is applied to the \u003ccode\u003ekey\u003c/code\u003e parameter to verify the integrity and format of any submitted GCP service account keys.\u003c/li\u003e\n\u003cli\u003eReview and restrict the \u003ccode\u003eAccess-Control-Allow-Origin\u003c/code\u003e header in your web server or ingress configuration for OpenCost to only trusted domains, preventing cross-origin attacks.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-14T19:25:45Z","date_published":"2026-07-14T19:25:45Z","id":"https://feed.craftedsignal.io/briefs/2026-07-opencost-servicekey-unauth-write/","summary":"OpenCost contains an unauthenticated file write vulnerability, tracked as GHSA-wmj8-9953-vff5, in its `/serviceKey` endpoint that allows remote attackers to overwrite the GCP service account key file (`key.json`) without any authentication or input validation, leading to service disruption, credential theft, and potential privilege escalation within Kubernetes clusters or GCP environments.","title":"OpenCost ServiceKey Endpoint Unauthorized Credential Overwrite/Injection Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-07-opencost-servicekey-unauth-write/"}],"language":"en","title":"CraftedSignal Threat Feed - OpenCost","version":"https://jsonfeed.org/version/1.1"}