CVE-2026-23742 Overview
CVE-2026-23742 is a Code Injection vulnerability affecting Zalando Skipper, an HTTP router and reverse proxy for service composition. The default Skipper configuration before version 0.23.0 included -lua-sources=inline,file, which allowed untrusted users to create Lua filters capable of reading the filesystem accessible to the Skipper process. When combined with log access, attackers could exfiltrate sensitive secrets from Skipper deployments.
Critical Impact
Untrusted users with the ability to create Lua filters (for example, through Kubernetes Ingress resources) can read arbitrary files from the Skipper process filesystem and potentially access secrets through log files.
Affected Products
- Zalando Skipper versions prior to 0.23.0
- Kubernetes environments using Skipper as an Ingress controller with default Lua configuration
- Deployments with -lua-sources=inline enabled (default before 0.23.0)
Discovery Timeline
- 2026-01-16 - CVE-2026-23742 published to NVD
- 2026-01-16 - Last updated in NVD database
Technical Details for CVE-2026-23742
Vulnerability Analysis
This vulnerability stems from CWE-94 (Improper Control of Generation of Code - Code Injection). The Skipper HTTP router allows users to define custom Lua scripts for request filtering and routing logic. Prior to version 0.23.0, the default configuration permitted inline Lua script definitions, creating a dangerous attack surface in multi-tenant environments.
In Kubernetes deployments where Skipper serves as an Ingress controller, users with permission to create or modify Ingress resources can inject arbitrary Lua code through filter definitions. This code executes within the context of the Skipper process, inheriting its file system access permissions. An attacker can craft malicious Lua scripts that read sensitive files such as service account tokens, environment variables, or configuration files containing credentials.
The attack becomes particularly severe when combined with log access. If the attacker can view Skipper logs (common in shared Kubernetes clusters), they can use the Lua script to read sensitive data and then output it to logs via standard logging functions, effectively exfiltrating secrets through legitimate logging channels.
Root Cause
The root cause is an insecure default configuration where -lua-sources=inline,file was enabled by default. The inline option permits users to embed Lua code directly within filter definitions, bypassing any file-based restrictions. This design assumed trusted users would be creating Lua filters, but in multi-tenant environments like shared Kubernetes clusters, this assumption does not hold. The vulnerability allows code injection because user-controlled input (Lua script content) is executed without sufficient sandboxing or restriction.
Attack Vector
The attack requires network access and low privileges—specifically, the ability to create or modify Kubernetes Ingress resources that Skipper processes. An authenticated attacker can inject malicious Lua code through Ingress annotations or filter definitions. The injected script can then:
- Enumerate and read files accessible to the Skipper process
- Access Kubernetes service account tokens at /var/run/secrets/kubernetes.io/serviceaccount/token
- Read environment variables containing secrets
- Output sensitive data to logs for exfiltration
The attack does not require user interaction and can be performed remotely against any Skipper deployment using the vulnerable default configuration.
Detection Methods for CVE-2026-23742
Indicators of Compromise
- Unusual Lua filter definitions in Kubernetes Ingress resources containing file I/O operations
- Skipper logs containing unexpected data that may indicate exfiltration attempts
- Access to sensitive file paths such as /var/run/secrets/ or /etc/ from Skipper process logs
- New or modified Ingress resources with inline Lua scripts from unexpected users
Detection Strategies
- Monitor Kubernetes audit logs for Ingress resource creation or modification events containing Lua filter definitions
- Implement log analysis to detect patterns consistent with file content being written to logs
- Review existing Ingress resources for suspicious Lua code referencing file system operations like io.open() or os.execute()
- Deploy runtime security monitoring on Skipper pods to detect unexpected file access patterns
Monitoring Recommendations
- Enable detailed audit logging for Kubernetes Ingress resources managed by Skipper
- Configure alerts for Skipper pod file access to sensitive directories like /var/run/secrets/
- Implement log aggregation with pattern matching for base64-encoded data or known secret formats in Skipper output
- Monitor for unusual network egress from Skipper pods that could indicate data exfiltration
How to Mitigate CVE-2026-23742
Immediate Actions Required
- Upgrade Zalando Skipper to version 0.23.0 or later immediately
- Audit existing Kubernetes Ingress resources for potentially malicious Lua filter definitions
- Review Skipper logs for signs of prior exploitation or data exfiltration
- Restrict permissions for creating or modifying Ingress resources in shared environments
Patch Information
The vulnerability is fixed in Skipper version 0.23.0. The patch modifies the default Lua sources configuration to prevent inline script execution by untrusted users. For detailed patch information, see the GitHub Security Advisory GHSA-cc8m-98fm-rc9g and the specific commit 0b52894 that addresses this issue. The patched version is available via the v0.23.0 release.
Workarounds
- Explicitly configure Skipper with -lua-sources=file to disable inline Lua script execution
- Implement Kubernetes RBAC policies to restrict Ingress resource creation to trusted administrators only
- Deploy Open Policy Agent (OPA) or similar admission controllers to validate Ingress resources and reject those containing inline Lua filters
- Run Skipper with minimal file system permissions and read-only root filesystem where possible
# Configuration example - Disable inline Lua sources
skipper -lua-sources=file -routes-file=/etc/skipper/routes.eskip
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
