Urgent Fix Needed for Ingress-NGINX Controller Vulnerabilities

Dark Watch
Urgent Fix Needed for Ingress-NGINX Controller Vulnerabilities

Published:

Written by: Staff Editor
spot_img

Critical Vulnerabilities Identified in Ingress-NGINX Controller for Kubernetes

Critical Vulnerabilities Found in Ingress-NGINX Controller for Kubernetes: Immediate Action Required

A set of serious vulnerabilities has been uncovered in the Ingress-NGINX Controller for Kubernetes, posing significant risks to organizations utilizing affected versions. The Australian Cyber Security Centre (ACSC) has issued an advisory alerting users that versions prior to NGINX Controller 1.12.1 and 1.11.5 are susceptible to unauthorized remote code execution and potential full cluster takeover.

The vulnerabilities arise from improper handling of ingress annotations and attacker-provided data, which could lead to arbitrary code execution and sensitive data disclosures. Among the key vulnerabilities identified are:

  1. CVE-2025-1097: Exploitation of the auth-tls-match-cn Ingress annotation could allow unauthorized configurations to be injected into NGINX, enabling attackers to execute arbitrary code and access sensitive secrets across namespaces.

  2. CVE-2025-1098: The misuse of mirror-target and mirror-host annotations can lead to remote execution of malicious code, exposing cluster-wide secrets and compromising system integrity.

  3. CVE-2025-1974: An unauthenticated attacker with access to the pod network may achieve arbitrary code execution, risking full control over the cluster.

  4. CVE-2025-24513: A directory traversal vulnerability in the Ingress-NGINX Admission Controller allows attacker-provided data to be included in filenames, potentially leading to unauthorized access.

  5. CVE-2025-24514: The auth-url Ingress annotation can be exploited to inject malicious configurations, granting unauthorized access to secrets.

To mitigate these risks, the ACSC strongly recommends that organizations immediately upgrade to the latest versions of the Ingress-NGINX Controller. Additionally, users should regularly monitor security updates and review Kubernetes security guidance to safeguard their environments.

With the potential for remote code execution and cluster-wide compromise, swift action is essential to protect sensitive data and maintain the integrity of Kubernetes infrastructures.

spot_img

Related articles

Recent articles

Mining in Motion: African Ministers Unite to Accelerate Extractive Sector Growth

Regional
### **Mining in Motion Summit Set for 2025 in Accra** The **Mining in Motion** summit is poised to be the most significant event for mining...
Read more

PureRAT Malware Soars 4x in 2025, Targeting Russian Firms with PureLogs

Global
Surge in Phishing Attacks Targeting Russian Businesses: Unpacking the PureRAT Malware May 21, 2025 By Ravie Lakshmanan Tags: Malware, Windows Security The Emergence of PureRAT Malware Recent studies by...
Read more

Searchlight Cyber Unveils AI Tools to Summarize Dark Web Content

Dark Watch
Enhancing Dark Web Investigations: Searchlight Cyber Unveils New AI Features in Cerberus Introduction to Cerberus AI Insights Searchlight Cyber has made significant strides in the field...
Read more

Russian Hackers Target Email and VPN Flaws to Infiltrate Ukraine Aid Operations

Global
Cyber Espionage by Russian APT28: Targeting Western Logistics and Technology Entities In recent developments, the cyber landscape has been significantly impacted by a state-sponsored campaign...
Read more
Sign up to the Newsletter and never miss out on the latest news!
Join the Cyber Warriors community and get Insider Tips & Tricks to defend your digital assets.

© Cyberwarriorsmiddleeast.com