Multiple Remote Code Execution Vulnerabilities in Ingress NGINX Controller for Kubernetes
A series of critical vulnerabilities (CVE-2025-1974, CVE-2025-1097, CVE-2025-1098 and CVE-2025-24514) have been identified in the Ingress NGINX Controller for Kubernetes. These vulnerabilities allow unauthenticated remote code execution (RCE) via crafted requests to the Validating Admission Controller and admission controller components of ingress-nginx. Exploitation can lead to unauthorized access to all secrets stored across all namespaces in the Kubernetes cluster, potentially resulting in a complete cluster takeover. These issues have been patched in Ingress NGINX versions 1.12.1 and 1.11.5; users are strongly advised to upgrade. The IONIX research team developed and tested an exploit simulation on relevant assets to verify the vulnerability’s impact and assess potential exposure.
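As an added example (not code from IONIX or the ingress-nginx project), the following script checks a `kubectl get pods -A -o json` dump for controller images that predate the fixed releases named above. It assumes the controller image path contains `ingress-nginx/controller`, that only the 1.11 and 1.12 branches received fixes (1.11.5 and 1.12.1), and that every release newer than 1.12.1 carries the fix; the pod document below is constructed sample input.

```python
import json
import re
from typing import List, Optional, Tuple

# First patched release on each maintained branch, as stated in the advisory.
FIXED_BRANCHES = {(1, 11): 5, (1, 12): 1}
_VER_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")

def version_from_image(image: str) -> Optional[Tuple[int, int, int]]:
    """Extract (major, minor, patch) from an image reference such as
    'registry.k8s.io/ingress-nginx/controller:v1.11.4@sha256:...'.
    Returns None when the tag is missing or not a semantic version."""
    ref = image.split("@", 1)[0]              # drop any digest pin
    last = ref.rsplit("/", 1)[-1]             # 'controller:v1.11.4' or 'controller'
    if ":" not in last:
        return None
    m = _VER_RE.match(last.rsplit(":", 1)[1])
    return tuple(int(x) for x in m.groups()) if m else None

def is_patched(version: Tuple[int, int, int]) -> bool:
    """Assumption: only the 1.11 and 1.12 branches were patched, and anything
    newer than 1.12.1 includes the fix; older branches count as vulnerable."""
    major, minor, patch = version
    if (major, minor) in FIXED_BRANCHES:
        return patch >= FIXED_BRANCHES[(major, minor)]
    return (major, minor) > (1, 12)

def find_vulnerable_controllers(pods_json: str) -> List[Tuple[str, str, str]]:
    """Return (namespace, pod, image) for controllers that are unpatched or
    whose version cannot be determined (e.g. a 'latest' tag)."""
    findings = []
    for pod in json.loads(pods_json).get("items", []):
        meta = pod.get("metadata", {})
        for c in pod.get("spec", {}).get("containers", []):
            image = c.get("image", "")
            if "ingress-nginx/controller" not in image:
                continue
            ver = version_from_image(image)
            if ver is None or not is_patched(ver):
                findings.append((meta.get("namespace"), meta.get("name"), image))
    return findings

# Constructed sample output of `kubectl get pods -A -o json` (not a real cluster).
SAMPLE_PODS = json.dumps({"items": [
    {"metadata": {"namespace": "ingress-nginx", "name": "controller-a"},
     "spec": {"containers": [{"image": "registry.k8s.io/ingress-nginx/controller:v1.11.4"}]}},
    {"metadata": {"namespace": "edge", "name": "controller-b"},
     "spec": {"containers": [{"image": "registry.k8s.io/ingress-nginx/controller:v1.12.1@sha256:0000"}]}},
    {"metadata": {"namespace": "edge", "name": "controller-c"},
     "spec": {"containers": [{"image": "registry.k8s.io/ingress-nginx/controller:latest"}]}},
    {"metadata": {"namespace": "web", "name": "frontend"},
     "spec": {"containers": [{"image": "nginx:1.27"}]}},
]})

if __name__ == "__main__":
    for ns, name, image in find_vulnerable_controllers(SAMPLE_PODS):
        print(f"{ns}/{name}: {image}")
```

Pipe real `kubectl` output into `find_vulnerable_controllers` to run the same check against a live cluster; a `latest` tag is reported because its version cannot be verified.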
References: