Share
## https://sploitus.com/exploit?id=12AA4477-7225-5776-8EC6-80F0515C9198
# CVE-2026-4342 Test Environment Configuration

These files set up a Kubernetes environment to reproduce CVE-2026-4342, an annotation
injection vulnerability in ingress-nginx (versions < v1.15.1).

FOR AUTHORIZED SECURITY RESEARCH ONLY. All secrets use obviously fake values.

## Files

| File | Purpose |
|------|---------|
| `helm-values.yaml` | Helm values to deploy the vulnerable ingress-nginx v1.15.0 controller with default (overly broad) RBAC and admission webhooks disabled. |
| `test-secrets.yaml` | Creates fake Kubernetes Secrets in `default`, `kube-system`, and `target-ns` namespaces to serve as exfiltration targets. |
| `backend-service.yaml` | A minimal backend Deployment and Service (`demo-backend`) for the Ingress to route traffic to. |
| `exploit-ingress-rce.yaml` | Malicious Ingress resource demonstrating RCE via annotation injection. Executes a command and writes output to an HTTP-accessible path. |
| `exploit-ingress-secrets.yaml` | Malicious Ingress resource demonstrating secret disclosure. Uses Lua to call the Kubernetes API from within the nginx process and retrieve cluster secrets. |

## Deployment Order

1. Install ingress-nginx with `helm-values.yaml`
2. Apply `test-secrets.yaml`
3. Apply `backend-service.yaml`
4. Apply either exploit Ingress manifest
5. Send HTTP requests to the ingress to trigger and retrieve results