Contour Kubernetes Ingress: Lua Code Injection Leads to Envoy RCE

The National Vulnerability Database has detailed CVE-2026-41246, affecting Contour, a Kubernetes ingress controller leveraging Envoy proxy. Versions from v1.19.0 up to, but not including, v1.33.4, v1.32.5, and v1.31.6 are vulnerable to Lua code injection within the Cookie Rewriting feature. An attacker with RBAC permissions to create or modify HTTPProxy resources can inject malicious Lua code into spec.routes[].cookieRewritePolicies[].pathRewrite.value or spec.routes[].services[].cookieRewritePolicies[].pathRewrite.value fields. This ultimately leads to arbitrary code execution within the Envoy proxy.

While the injected code only executes when processing traffic on the attacker’s own controlled route, the implications are severe given Envoy’s shared infrastructure nature. The National Vulnerability Database states that this vulnerability could allow an attacker to read Envoy’s xDS client credentials directly from the filesystem or trigger denial-of-service conditions for other tenants sharing the same Envoy instance. This isn’t just about isolated impact; it’s about compromise of shared components that underpin critical cluster functions. The vulnerability stems from insufficient sanitization of user-controlled values interpolated into Lua source code using Go’s text/template.

This isn’t a complex drive-by attack; it requires specific RBAC permissions. However, once those are obtained—perhaps through an earlier compromise or misconfiguration—the blast radius expands significantly. Defenders need to recognize that local code execution on shared infrastructure like Envoy is a critical pivot point for lateral movement and privilege escalation. The National Vulnerability Database confirms that this issue is resolved in Contour versions v1.33.4, v1.32.5, and v1.31.6.