CVE-2025-67508
HIGHgardenctl < 2.12.0 - Command Injection via Malicious Credential Values in Non-POSIX Shells
Title source: llmDescription
gardenctl is a command-line client for the Gardener which configures access to clusters and cloud provider CLI tools. When using non‑POSIX shells such as Fish and PowerShell, versions 2.11.0 and below of gardenctl allow an attacker with administrative privileges for a Gardener project to craft malicious credential values. The forged credential values are used in infrastructure Secret objects that break out of the intended string context when evaluated in Fish or PowerShell environments used by the Gardener service operators. This issue is fixed in version 2.12.0.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://github.com/gardener/gardenctl-v2/security/advisories/GHSA-fw33-qpx7-rhx2
Scores
CVSS v3
8.4
EPSS
0.0003
EPSS Percentile
9.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-77
Status
published
Products (3)
gardener/gardenctl-v2
0 - 0.0.0-20251107111549-0bdc484cb5fbGo
gardener/gardenctl-v2
< 2.12.0
linuxfoundation/gardenctl
< 2.12.0
Published
Dec 12, 2025
Tracked Since
Feb 18, 2026