CVE-2026-29954
🟡 Monitoruj
Podatność SSRF w KubePlus umożliwia atakującym wstrzyknięcie dowolnych nagłówków HTTP.
CVSS
7.6
EPSS
0.0%
Exploit
poc
Vendor
cloudark
Opis źródłowy (NVD)
In KubePlus 4.1.4, the mutating webhook and kubeconfiggenerator components have an SSRF vulnerability when processing the chartURL field of ResourceComposition resources. The field is only URL-encoded without validating the target address. More critically, when kubeconfiggenerator uses wget to download charts, the chartURL is directly concatenated into the command, allowing attackers to inject wget's `--header` option to achieve arbitrary HTTP header injection.
exploit ssrf
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 7.6 |
| CISA KEV (aktywnie wykorzystywane) | Nie |
| FIRST EPSS (prawdopodobieństwo exploita) | 0.0% |
| Opublikowano (NVD) | 2026-03-30 17:16:15 UTC |
| Ostatnia modyfikacja (NVD) | 2026-04-06 15:51:33 UTC |
Referencje
- https://gist.github.com/b0b0haha/33baea60fd2a847f11f1fb02e43c64c0 (cve@mitre.org) [Exploit, Mitigation, Third Party Advisory]
- https://github.com/b0b0haha/CVE-2026-29954/blob/main/README.md (cve@mitre.org) [Exploit, Mitigation, Third Party Advisory]