Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2025-1098

CVSSv4: NA | CVSSv3: 8.8 | CVSSv2: NA | VMScore: 980 | EPSS: 0.33906 | KEV: Not Included
Published: 25/03/2025 Updated: 27/03/2025

Vulnerability Summary

Arbitrary Code Execution in Kubernetes Ingress-Nginx via Annotation Configuration Injection

A security vulnerability exists in ingress-nginx, a Kubernetes component hosted on GitHub, involving the `mirror-target` and `mirror-host` Ingress annotations. These annotations can be exploited to inject malicious configuration directly into nginx. This injection can potentially enable arbitrary code execution within the ingress-nginx controller and allow unauthorized disclosure of Secrets that are accessible to the controller. In the default installation configuration, the controller has access to Secrets across the entire cluster, which significantly increases the potential impact of this security issue.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

kubernetes ingress-nginx

ICS Advisories

https://ics-cert.us-cert.gov/advisories/ff5340f905ee763299cdd00c650fafd2
Critical Infrastructure Sectors: Critical Manufacturing

Mailing Lists

Full Disclosure: Re: [kubernetes] Multiple vulnerabilities in ingress-nginx
On Mon, Mar 24, 2025 at 02:38:17PM -0500, Tabitha Sable wrote: Apparently these versions have not been released yet[0] So for the moment, only the partial mitigation can be done [0]: githubcom/kubernetes/kubernetes/issues/131005#issuecomment-2749372605 ...
Full Disclosure: [kubernetes] Multiple vulnerabilities in ingress-nginx
Hello oss-sec, Multiple issues have been discovered in ingress-nginx that can result in arbitrary code execution in the context of the ingress-nginx controller This can lead to disclosure of Secrets accessible to the controller (Note that in the default installation, the controller can access all Secrets cluster-wide) The most serious of these ...

Github Repositories

https://github.com/gian2dchris/ingress-nightmare-poc

Ingress Nightmare PoC

ingress-nightmare-poc Ingress Nightmare PoC - not an RCE, yet NGINX Configuration Injection Injections PoCs Configuration injection PoCs to exploit CVE-2025-1974, affected versions and prerequisites CVE PoC Affected Versions Notes CVE-2025-24514 auth-url-reviewjson < 1115 Can not exploit 112x deployments which run with --enable-annotation-validation by defa

https://github.com/killsystema/IngressNightmare

Shodan Vulnerability Scanner Este script utiliza a API do Shodan para procurar por Vulnerabilidades recentes (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974) descobertas em seu controlador de admissão podem levar ao acesso não autorizado a todos os segredos em namespaces e potencialmente permitir a aquisição completa do cluster Funciona

https://github.com/scottymcandrew/ingress-nightmare

Ingress NGINX Vulnerability Checker Detection scripts for the Ingress NGINX Controller vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974) Available Scripts This repository contains two vulnerability detection scripts: Internal Cluster Assessment (ingress_nginx_vuln_checkerpy) For users with kubectl access to their clusters Provides detailed versi

https://github.com/hakaioffsec/IngressNightmare-PoC

This is a PoC code to exploit the IngressNightmare vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974).

Exploit for Ingress NGINX - IngressNightmare This project provides an exploit targeting critical unauthenticated Remote Code Execution (RCE) vulnerabilities in the Ingress NGINX Controller for Kubernetes, collectively referred to as IngressNightmare (Research by Wiz) In the original research, the Wiz team did not provide a PoC or a functional exploit, so we decided to create o

https://github.com/marc-ko/daily-trending-repo

This repo will give you the latest trending repo on github and giving you a grasp by sending email via Github Watching Features

🌟 Daily Trending Repositories πŸ“‹ About This project automatically tracks and curates trending repositories from GitHub daily Stay updated with the most exciting new projects in the developer community! With AI Summarization, you can get the summary of the repository by seeing the READMEmd file as well! πŸ”₯ Features πŸ”„ Weekly Updates

Recent Articles

Public-facing Kubernetes clusters at risk of takeover thanks to Ingress-Nginx flaw
The Register

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources How many K8s systems are sat on the internet front porch like that ... Oh, thousands, apparently

Cloudy infosec outfit Wiz has discovered serious vulnerabilities in the admission controller component of Ingress-Nginx Controller that could allow the total takeover of Kubernetes clusters – and thinks more than 6,000 deployments of the software are at risk on the internet. Kubernetes (K8s) clusters are exposed more often than you might think to external HTTP/S traffic, to allow outside access to the applications they run. Putting the cluster admission controller out there, too, doesn't seem ...

Read more...

References

CWE-20https://nvd.nist.govhttps://www.theregister.co.uk/2025/03/25/kubernetes_flaw_rce_risk/https://github.com/gian2dchris/ingress-nightmare-pochttps://www.first.org/epsshttps://www.cisa.gov/news-events/ics-advisories/icsa-25-100-05https://github.com/kubernetes/kubernetes/issues/131008
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
piwik proCVE-2025-5056privilege escalationCVE-2025-4919CVE-2025-3881cs seo extensionCVE-2025-41426tibco software incCVE-2025-20256edx-platformcode executionCVE-2025-4918XSS
Home
/
Search Results
/
CVE-2025-1098
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook