Executive Summary

A critical command injection vulnerability has been identified in the Rancher Manager cluster import endpoint through unsanitized YAML parameters. This vulnerability, tracked as CVE-2026-44939 with a CVSS score of 9.4, allows an attacker to inject arbitrary YAML keys and malicious configurations. Successful exploitation could lead to full control over downstream Kubernetes clusters, execution of arbitrary code on control-plane nodes, and access to sensitive cluster secrets.

Technical Analysis

The vulnerability exists in the Rancher Manager cluster import endpoint `/v3/import/{token}_{clusterId}.yaml`, where the `authImage` query parameter is rendered without sanitization into a generated Kubernetes manifest template. An attacker can exploit this by including URL-encoded newlines in the parameter value to break out of the `image:` field and inject arbitrary YAML keys and malicious configurations.

How It Gets Exploited

An attacker must first obtain a valid cluster registration token, which may be exposed through documentation, screenshots, or insecure communication channels. The victim's cluster operator must then execute `kubectl apply` against a maliciously crafted URL. When applied, a DaemonSet is deployed with the injected configuration, running on all control-plane nodes with `hostNetwork: true` enabled, using the `cattle` service account with `cluster-admin` privileges, mounting `/etc/kubernetes` directly from the host, and executing attacker-controlled commands via the injected `command:` field.

Impact Assessment

Successful exploitation of this vulnerability could allow an attacker to: - Achieve full control over downstream Kubernetes clusters. - Execute arbitrary code on control-plane nodes with elevated privileges. - Access sensitive cluster secrets and configurations via the privileged service account. - Disrupt cluster operations by manipulating critical control-plane workloads. - Establish persistent access through the deployed DaemonSet. Affected versions of Rancher include those prior to `v2.14.2`, `v2.13.6`, `v2.12.10`, `v2.11.14`, and `v2.10.12`.

Recommended Actions

To mitigate this vulnerability, Rancher users should: - Update to patched versions of Rancher: `v2.14.2`, `v2.13.6`, `v2.12.10`, `v2.11.14`, or `v2.10.12`. - Review downstream clusters for the `kube-api-auth` DaemonSet within the `cattle-system` namespace for unexpected configurations. - Validate manifest integrity before applying `kubectl apply` on import manifests.

Sources

- GitHub Security Advisories: https://github.com/advisories/GHSA-mhc6-2gfq-xx62