Kubernetes Remote Code Execution Via Nodes/Proxy GET Permission
Summary
This security write-up explains how Kubernetes RBAC nodes/proxy GET can lead to remote code execution in any Pod. It covers the root cause, exploitation via WebSockets, audit implications, PoC examples, detection, and a discussion of KEP-2862 and vendor stance, highlighting a major risk for clusters using this permission.