Ingress-Nginx Controller - Remote Code Execution CVE-2025-1974
- Severity
- Vulnerability description
A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
- Risk description
Vulnerable versions of Ingress-Nginx controller can be exploited to gain unauthorized access to all secrets across namespaces in the Kubernetes cluster, potentially leading to complete cluster takeover.
- Recommendation
Update to one of the following versions: Version 1.12.1 or later / Version 1.11.5 or later
- References
- https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilitieshttps://projectdiscovery.io/blog/ingressnightmare-unauth-rce-in-ingress-nginxhttps://nvd.nist.gov/vuln/detail/CVE-2025-1974https://https://github.com/kubernetes/kubernetes/issues/131009https://github.com/eeeeeeeeee-code/POC
- Codename
- Not available
- Detectable with
- Network Scanner
- Scan engine
- Nuclei
- Exploitable with Sniper
- No
- CVE Published
- Not available
- Detection added at
- Software Type
- Not available
- Vendor
- Not available
- Product
- Not available
Detect this vulnerability now!
Check your clients' targets (or your own) for this vulnerability and thousands more! Get proof for validation with our ethical hacking toolkit.