Kubernetes: RCE on ingress-nginx-controller via Ingress spec.rules.http.paths.path field
A vulnerability was exploited that allowed arbitrary files to be written and executed on the ingress-nginx-controller pod through the manipulation of Ingress resource specifications. By configuring log formats and locations, malicious configurations could gain remote code execution capabilities o...