CVE-2024-36539

CRITICAL

Contour <1.28.3 - Privilege Escalation

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-36539. PoCs published by Abdurahmon3236.

AI-analyzed exploit summary: The repository contains a functional Python script that demonstrates an insecure permissions vulnerability in Contour v1.28.3 by accessing the service account token and using it to query the Kubernetes API for pod information.

Description

Insecure permissions in Contour v1.28.3 allow attackers to access sensitive data and escalate privileges by obtaining the service account's token.

Exploits (1)

nomisec WORKING POC
by Abdurahmon3236 · poc
https://github.com/Abdurahmon3236/CVE-2024-36539

Classification: Working PoC (90%)
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Contour v1.28.3
Authentication: No auth needed
Prerequisites: Access to a Kubernetes pod with a mounted service account token · Contour v1.28.3 deployed in the cluster
Analyzed by devstral-2 on Feb 18, 2026

Scores

CVSS v3: 9.8
EPSS: 0.0126
EPSS Percentile: 65.7%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC (Vulnrichment)

Exploitation: poc
Automatable: yes
Technical Impact: total

Details

CWE: CWE-277
Status: published
Products (1): projectcontour/contour 1.28.3
Published: Jul 24, 2024
Tracked Since: Feb 18, 2026