CVE-2025-62878: Critical Kubernetes Storage Flaw Lets Attackers Overwrite Host Files and Seize Cluster Control

CVE-2025-62878

Product: Rancher Local Path Provisioner
Vulnerability Type: Path Traversal → Arbitrary Host File Write
Severity: Critical
CVSS v3.1: 10.0 (Critical)
Attack Vector: Network (via Kubernetes API)
Privileges Required: Low (PVC or StorageClass creation depending on RBAC)
User Interaction: None
Exploit Availability: Public PoC available (for educational and defensive validation purposes)
Impact: Host filesystem overwrite, data destruction, credential exposure, full cluster compromise


Overview

CVE-2025-62878 is a critical path traversal vulnerability in Rancher’s Local Path Provisioner, a dynamic storage provisioner commonly used in Kubernetes environments and enabled by default in many K3s deployments.

The issue originates from improper validation of the parameters.pathPattern field inside a StorageClass configuration. This parameter is used as a template to dynamically construct filesystem paths on the host node where PersistentVolumes are created.

The provisioner fails to sanitize directory traversal sequences such as ../. As a result, an attacker can manipulate the resolved path to escape the intended base directory and force the provisioner to create or manipulate directories anywhere on the host filesystem.

Because the provisioner creates and deletes volume directories by running its setup and teardown scripts against a hostPath mount of the node filesystem (through a helper pod, in the provisioner's design), the vulnerability leads to arbitrary host-level file operations.

This is not a container escape exploit in the traditional sense. Instead, it abuses legitimate Kubernetes functionality in a way that results in host compromise.


Technical Root Cause

The Local Path Provisioner works by:

  1. Accepting a StorageClass definition.
  2. Rendering a pathPattern template using PVC metadata.
  3. Joining the rendered result with a configured base path.
  4. Executing host-level commands to create that directory.

The flaw exists because:

  • The rendered template is used as-is: traversal segments (../) are neither rejected nor stripped.
  • After the rendered value is joined with the base path, nothing verifies that the result still lies beneath that base directory, so a path such as /opt/local-path-provisioner/tenant-a/../../../etc/kubernetes/pki collapses to /etc/kubernetes/pki and is accepted.
  • The setup and teardown scripts then run directory creation and recursive deletion against that path on the host.

If the template renders into a path that includes traversal sequences, the resulting path can escape the intended base directory and resolve to arbitrary host locations such as:

  • /etc
  • /var/lib
  • /root
  • /etc/kubernetes/pki

Since directory creation and deletion are performed on that resolved path, attackers gain host-level file manipulation capability.
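To make the root cause concrete, here is an added example (not the provisioner's own code) that mimics the flawed resolution in Go and places the missing containment check beside it. It assumes pathPattern is a Go text/template that sees PVC metadata under .PVC, following the documented {{ .PVC.Namespace }}/{{ .PVC.Name }} form, and it additionally exposes PVC annotations as an assumed template input so that a PVC-controlled value can be shown; the base directory and PVC values are constructed for the example.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"path/filepath"
	"strings"
	"text/template"
)

// PVCMeta is the PVC metadata handed to the pathPattern template.
// Namespace and Name follow the provisioner's documented template variables;
// exposing Annotations is an assumption made here to show a PVC-supplied input.
type PVCMeta struct {
	Namespace   string
	Name        string
	Annotations map[string]string
}

// templateData is the root object the template executes against ({{ .PVC.* }}).
type templateData struct {
	PVC PVCMeta
}

// renderPathPattern renders a StorageClass parameters.pathPattern as a Go
// text/template: whatever the PVC metadata contains ends up in the path verbatim.
func renderPathPattern(pattern string, pvc PVCMeta) (string, error) {
	tmpl, err := template.New("pathPattern").Parse(pattern)
	if err != nil {
		return "", fmt.Errorf("parse pathPattern: %w", err)
	}
	var buf bytes.Buffer
	if err := tmpl.Execute(&buf, templateData{PVC: pvc}); err != nil {
		return "", fmt.Errorf("render pathPattern: %w", err)
	}
	return buf.String(), nil
}

// resolveVulnerable is the flawed flow: render, join with the base directory,
// trust the result. filepath.Join collapses "..", so a traversal does not fail;
// it silently yields a clean path outside the base.
func resolveVulnerable(basePath, pattern string, pvc PVCMeta) (string, error) {
	rendered, err := renderPathPattern(pattern, pvc)
	if err != nil {
		return "", err
	}
	return filepath.Join(basePath, rendered), nil
}

// errEscapesBase is returned when the rendered path would leave the base directory.
var errEscapesBase = errors.New("pathPattern resolves outside the base directory")

// resolveHardened adds the check the flawed flow lacks: after joining, the result
// must be a strict descendant of the base. A result equal to the base itself is
// rejected too, because teardown would otherwise delete the whole storage root.
func resolveHardened(basePath, pattern string, pvc PVCMeta) (string, error) {
	rendered, err := renderPathPattern(pattern, pvc)
	if err != nil {
		return "", err
	}
	base := filepath.Clean(basePath)
	full := filepath.Join(base, rendered)
	rel, err := filepath.Rel(base, full)
	if err != nil {
		return "", err
	}
	if rel == "." || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", errEscapesBase
	}
	return full, nil
}

func main() {
	// Constructed inputs: a standalone-style base directory and one tenant PVC
	// carrying an annotation an attacker could set when creating the claim.
	base := "/opt/local-path-provisioner"
	pvc := PVCMeta{
		Namespace:   "tenant-a",
		Name:        "data",
		Annotations: map[string]string{"volume-path": "../../root/.ssh"},
	}
	patterns := []string{
		"{{ .PVC.Namespace }}/{{ .PVC.Name }}",                  // benign default
		"{{ .PVC.Namespace }}/../../../etc/kubernetes/pki",      // traversal in the StorageClass
		`{{ index .PVC.Annotations "volume-path" }}`,            // traversal supplied by the PVC
	}
	for _, p := range patterns {
		v, _ := resolveVulnerable(base, p, pvc)
		h, err := resolveHardened(base, p, pvc)
		fmt.Printf("pattern %-52q vulnerable=%s hardened=%s err=%v\n", p, v, h, err)
	}
}
```

The hardened resolver is a lexical check only: if the base directory, or anything beneath it, is a symlink on the node, the escape has to be caught with filepath.EvalSymlinks on the node itself, where the path actually exists. Note the third pattern: the StorageClass contains no ".." at all, the traversal arrives in the PVC, which is why a detection that only inspects StorageClass bodies is not sufficient on its own.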


Affected Environments

  • Rancher Local Path Provisioner versions prior to v0.0.34
  • Kubernetes clusters using Local Path Provisioner
  • K3s clusters where Local Path Provisioner is enabled by default

Any cluster allowing users to create or modify:

  • PersistentVolumeClaims
  • StorageClasses

is potentially exposed, depending on RBAC configuration.


Exploitation Scenario (Educational)

The vulnerability is exploited entirely through Kubernetes API access. An attacker who can create a StorageClass controls pathPattern directly. An attacker who can only create PVCs needs an existing StorageClass whose pathPattern renders PVC-supplied input capable of carrying a traversal: PVC names and namespaces are DNS subdomain names and cannot contain a slash, so in practice this means a template that exposes free-form PVC metadata such as annotations.

In either case the attacker can:

  1. Define a malicious pathPattern containing traversal segments.
  2. Create a PVC referencing that StorageClass.
  3. Trigger the provisioner to render the template.
  4. Cause directory creation outside the intended storage root.
  5. Mount that volume into a pod and access sensitive host data.

Potential impacts include:

  • Reading cluster private keys
  • Modifying system configuration files
  • Planting persistence mechanisms
  • Deleting important host directories
  • Escalating privileges to cluster administrator

Public proof-of-concept examples demonstrate this using only YAML manifests. No memory corruption or kernel exploit is required. The attack relies entirely on configuration abuse.

This significantly lowers exploitation complexity.


Impact Assessment

The vulnerability allows:

  • Arbitrary directory creation on host
  • Arbitrary file overwrite (if mounted and written to)
  • Arbitrary directory deletion (during teardown)
  • Access to sensitive system files
  • Kubernetes control-plane compromise
  • Node takeover
  • Lateral movement within cluster

If /etc/kubernetes/pki or an equivalent certificate directory (on K3s, /var/lib/rancher/k3s/server/tls) is accessed or modified, full cluster compromise must be assumed.

Given the ease of exploitation and complete impact scope, the CVSS score is 10.0.


MITRE ATT&CK Mapping

  • T1190 – Exploit Public-Facing Application
  • T1068 – Exploitation for Privilege Escalation
  • T1006 – Direct Volume Access
  • T1552 – Unsecured Credentials
  • T1485 – Data Destruction

Indicators of Compromise

The following conditions are strong indicators:

  • PersistentVolumes with hostPath values outside expected base directories
  • StorageClasses containing ../ in parameters.pathPattern
  • StorageClasses whose pathPattern renders free-form PVC metadata such as annotations, since a traversal can then arrive in the PVC rather than the StorageClass and will not show up in a StorageClass-only search
  • Unexpected directory creation under /etc, /root, /var
  • Modified Kubernetes PKI or configuration files
  • Provisioner logs referencing abnormal resolved paths

Detection Strategy

Detection must be implemented across:

  • Kubernetes API audit logs
  • PersistentVolume objects
  • Provisioner container logs
  • Node filesystem monitoring
  • Host audit logging

Detection Queries

1. Kubernetes Audit Log – Suspicious StorageClass Creation

Elastic / OpenSearch Query

kubernetes.audit.verb: ("create" OR "update")
AND kubernetes.audit.objectRef.resource: "storageclasses"
AND kubernetes.audit.requestObject.parameters.pathPattern: "*..*"

This detects traversal patterns inside StorageClass definitions. It only works if the cluster's audit policy records request bodies for storageclasses (level Request or RequestResponse); at the Metadata level the requestObject field is absent and the query silently matches nothing.


2. Kubernetes PersistentVolume Inspection

Kubectl Manual Audit

kubectl get pv -o jsonpath='{range .items[*]}{.metadata.name}{"  "}{.spec.hostPath.path}{"\n"}{end}'

Any path not starting with expected directories such as:

  • /var/lib/rancher/k3s/storage
  • /opt/local-path-provisioner

should be investigated immediately.


3. Splunk Query – Suspicious StorageClass Creation

index=kube_audit
verb=create OR verb=update
objectRef.resource=storageclasses
| search requestObject.parameters.pathPattern="*..*"
| table _time, user.username, sourceIPs, requestObject.metadata.name, requestObject.parameters.pathPattern

4. Splunk Query – PersistentVolume HostPath Outside Baseline

index=kube_objects kind=PersistentVolume
| where NOT (like('spec.hostPath.path', "/var/lib/rancher/k3s/storage/%") OR like('spec.hostPath.path', "/opt/local-path-provisioner/%"))
| table metadata.name, spec.hostPath.path

The trailing slash in each prefix matters: without it a sibling directory such as /var/lib/rancher/k3s/storage-evil would pass as in-baseline. Dotted field names must be single-quoted inside where/eval expressions.
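As an added example (not from the page's author or the project), the intent of queries 1 to 4 above is implemented here in Go over constructed audit events and PV objects, so the matching logic can be exercised offline before it is ported to a SIEM. The audit lines and PV documents are made up for this example; the storage roots are the two defaults named above, and checking spec.local.path in addition to spec.hostPath.path is an assumption about how a local-type PV would carry its node path.

```go
package main

import (
	"encoding/json"
	"fmt"
	"path/filepath"
	"strings"
)

// auditEvent keeps only the audit.k8s.io/v1 fields used here. requestObject is
// present only when the audit policy logs request bodies for storageclasses.
type auditEvent struct {
	Verb      string `json:"verb"`
	User      struct{ Username string `json:"username"` } `json:"user"`
	ObjectRef struct {
		Resource string `json:"resource"`
		Name     string `json:"name"`
	} `json:"objectRef"`
	RequestObject struct {
		Parameters map[string]string `json:"parameters"`
	} `json:"requestObject"`
}

// Finding is one StorageClass write whose pathPattern carries a traversal.
type Finding struct{ Username, Name, PathPattern string }

// hasTraversal matches a "../" step, a trailing "/.." or a bare "..", so that
// "{{ .PVC.Name }}..bak" does not fire while a traversal hidden inside a template
// literal still does. A traversal delivered via a PVC annotation never appears in
// the StorageClass; the PV check below is the authoritative signal for that case.
func hasTraversal(pattern string) bool {
	return pattern == ".." || strings.Contains(pattern, "../") || strings.HasSuffix(pattern, "/..")
}

// suspiciousStorageClassWrites flags create/update/patch events on storageclasses
// whose pathPattern contains a traversal. The API server treats parameters as
// immutable, so a rejected update is still worth seeing as an attempt.
func suspiciousStorageClassWrites(lines []string) ([]Finding, error) {
	var out []Finding
	for _, line := range lines {
		var ev auditEvent
		if err := json.Unmarshal([]byte(line), &ev); err != nil {
			return nil, fmt.Errorf("parse audit event: %w", err)
		}
		if ev.ObjectRef.Resource != "storageclasses" || (ev.Verb != "create" && ev.Verb != "update" && ev.Verb != "patch") {
			continue
		}
		if p := ev.RequestObject.Parameters["pathPattern"]; hasTraversal(p) {
			out = append(out, Finding{ev.User.Username, ev.ObjectRef.Name, p})
		}
	}
	return out, nil
}

// pvObject keeps the PV fields used here; spec.local.path is an assumed alternative.
type pvObject struct {
	Metadata struct{ Name string `json:"name"` } `json:"metadata"`
	Spec     struct {
		HostPath *struct{ Path string `json:"path"` } `json:"hostPath"`
		Local    *struct{ Path string `json:"path"` } `json:"local"`
	} `json:"spec"`
}

// defaultRoots are the provisioner's usual storage roots (K3s and standalone).
var defaultRoots = []string{"/var/lib/rancher/k3s/storage", "/opt/local-path-provisioner"}

// insideAnyRoot reports whether p is a strict descendant of one of roots. filepath.Rel
// is used instead of a string prefix so ".../storage-evil" is not accepted as a child
// of ".../storage", and the root directory itself does not count as inside.
func insideAnyRoot(p string, roots []string) bool {
	for _, r := range roots {
		rel, err := filepath.Rel(filepath.Clean(r), filepath.Clean(p))
		if err == nil && rel != "." && rel != ".." && !strings.HasPrefix(rel, "../") {
			return true
		}
	}
	return false
}

// pvsOutsideRoots returns the names of PVs whose node path lies outside every root.
func pvsOutsideRoots(docs []string, roots []string) ([]string, error) {
	var out []string
	for _, doc := range docs {
		var pv pvObject
		if err := json.Unmarshal([]byte(doc), &pv); err != nil {
			return nil, fmt.Errorf("parse PV: %w", err)
		}
		var p string
		switch {
		case pv.Spec.HostPath != nil:
			p = pv.Spec.HostPath.Path
		case pv.Spec.Local != nil:
			p = pv.Spec.Local.Path
		default:
			continue // CSI, NFS, etc.: no node path to compare
		}
		if !insideAnyRoot(p, roots) {
			out = append(out, pv.Metadata.Name)
		}
	}
	return out, nil
}

// Constructed sample data (not real cluster output): one benign StorageClass, one
// with a traversal, one unrelated PVC event; four PVs, two of them out of baseline.
var sampleAudit = []string{
	`{"kind":"Event","apiVersion":"audit.k8s.io/v1","verb":"create","user":{"username":"platform-admin"},"objectRef":{"resource":"storageclasses","name":"local-path-tenant"},"requestObject":{"kind":"StorageClass","provisioner":"rancher.io/local-path","parameters":{"pathPattern":"{{ .PVC.Namespace }}/{{ .PVC.Name }}"}}}`,
	`{"kind":"Event","apiVersion":"audit.k8s.io/v1","verb":"create","user":{"username":"dev-bob"},"objectRef":{"resource":"storageclasses","name":"local-path-pki"},"requestObject":{"kind":"StorageClass","provisioner":"rancher.io/local-path","parameters":{"pathPattern":"{{ .PVC.Namespace }}/../../../etc/kubernetes/pki"}}}`,
	`{"kind":"Event","apiVersion":"audit.k8s.io/v1","verb":"create","user":{"username":"dev-bob"},"objectRef":{"resource":"persistentvolumeclaims","namespace":"dev","name":"data"}}`,
}

var samplePVs = []string{
	`{"kind":"PersistentVolume","metadata":{"name":"pvc-1111"},"spec":{"hostPath":{"path":"/var/lib/rancher/k3s/storage/pvc-1111_dev_data","type":"DirectoryOrCreate"}}}`,
	`{"kind":"PersistentVolume","metadata":{"name":"pvc-2222"},"spec":{"hostPath":{"path":"/etc/kubernetes/pki","type":"DirectoryOrCreate"}}}`,
	`{"kind":"PersistentVolume","metadata":{"name":"pvc-3333"},"spec":{"local":{"path":"/opt/local-path-provisioner/pvc-3333_dev_cache"}}}`,
	`{"kind":"PersistentVolume","metadata":{"name":"pvc-4444"},"spec":{"hostPath":{"path":"/var/lib/rancher/k3s/storage-evil/x"}}}`,
}

func main() {
	findings, err := suspiciousStorageClassWrites(sampleAudit)
	if err != nil {
		panic(err)
	}
	for _, f := range findings {
		fmt.Printf("storageclass %s written by %s: pathPattern=%q\n", f.Name, f.Username, f.PathPattern)
	}
	pvs, err := pvsOutsideRoots(samplePVs, defaultRoots)
	if err != nil {
		panic(err)
	}
	fmt.Println("PVs outside baseline:", pvs)
}
```

Run against real data by feeding one audit event per line and the output of kubectl get pv -o json (one item per document); the PV check is the one to trust, since it sees the path the provisioner actually resolved regardless of where the traversal originated.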

5. Linux Auditd Rule – High-Value Directory Monitoring

auditctl -w /etc -p wa -k host_write_watch
auditctl -w /root -p wa -k host_write_watch
auditctl -w /var/lib/kubelet -p wa -k host_write_watch

Unexpected write activity under these paths originating from the provisioner's helper pod, rather than from the kubelet, a package manager or configuration management, should trigger alerts. A watch on /etc is noisy, so exclude the writers you already expect before alerting on the rest; on K3s, add the server certificate directory /var/lib/rancher/k3s/server/tls to the watched set.


6. Provisioner Log Monitoring

Search provisioner logs for:

index=kube_logs container_name=local-path-provisioner
| regex _raw="(/etc/|/root/|/var/lib/kubelet/)"

Any resolved path in logs pointing to system directories is suspicious.


Forensic Considerations

If exploitation is suspected:

  • Node must be isolated.
  • Cluster certificates must be rotated.
  • Service account tokens must be reissued.
  • Cloud provider credentials must be rotated.
  • Control-plane integrity must be validated.
  • Host filesystem must be compared to known-good baseline.

If /etc/kubernetes/pki was exposed or modified, a full cluster rebuild is strongly recommended.


Remediation

Immediate upgrade is required.

Upgrade Local Path Provisioner to v0.0.34 or later.

Official patch release:
https://github.com/rancher/local-path-provisioner/releases/tag/v0.0.34

After upgrade:

  • Review all StorageClasses
  • Restrict RBAC permissions for StorageClass creation
  • Restrict PVC creation to trusted namespaces
  • Implement audit monitoring permanently

Risk Summary

This vulnerability effectively converts Kubernetes configuration access into host-level filesystem control. Because exploitation requires no binary exploitation and only configuration manipulation, it is extremely dangerous in environments with permissive RBAC or multi-tenant workloads.

Any exposed cluster should be treated as potentially compromised until validated.


Aegiron

Backed by 11+ years in cybersecurity and incident response, we decode the latest threats shaping today’s digital battlefield. This blog cuts through the noise with clear insights on vulnerabilities, emerging exploits, and the cyber news defenders can’t afford to miss.