This post discusses abusing the kubelet default configuration to gain privileged access to the kube-apiserver on a Kubernetes cluster. This can also lead to code execution on the nodes.

https://labs.mwrinfosecurity.com/blog/attacking-kubernetes-through-kubelet/