writeups.xyz / #BrokenSesame: Accidental ‘write’ permissions to private registry allowed potential RCE to Alibaba Cloud Database Services

Submitter : c2a

Date: 19 April 2023

Bounty : undisclosed

Vulnerabilities :

• Cloud
• RCE
• Container Escape
• Kubernetes
• Privilege Escalation
• Lateral Movement
• Supply Chain Attack
• Cross-Tenant Vulnerability

Programs :

• Alibaba

Authors :

• Ronen Shustin (@Ronenshh)
• Shir Tamari (@Shirtamari)

Link :
https://www.wiz.io/blog/brokensesame-accidental-write-permissions-to-private-registry-allowed-potential-r