Urgent Fix Needed for Ingress-NGINX Controller Vulnerabilities

Dark Watch
Urgent Fix Needed for Ingress-NGINX Controller Vulnerabilities

Published:

Written by: Staff Editor
spot_img

Critical Vulnerabilities Identified in Ingress-NGINX Controller for Kubernetes

Critical Vulnerabilities Found in Ingress-NGINX Controller for Kubernetes: Immediate Action Required

A set of serious vulnerabilities has been uncovered in the Ingress-NGINX Controller for Kubernetes, posing significant risks to organizations utilizing affected versions. The Australian Cyber Security Centre (ACSC) has issued an advisory alerting users that versions prior to NGINX Controller 1.12.1 and 1.11.5 are susceptible to unauthorized remote code execution and potential full cluster takeover.

The vulnerabilities arise from improper handling of ingress annotations and attacker-provided data, which could lead to arbitrary code execution and sensitive data disclosures. Among the key vulnerabilities identified are:

  1. CVE-2025-1097: Exploitation of the auth-tls-match-cn Ingress annotation could allow unauthorized configurations to be injected into NGINX, enabling attackers to execute arbitrary code and access sensitive secrets across namespaces.

  2. CVE-2025-1098: The misuse of mirror-target and mirror-host annotations can lead to remote execution of malicious code, exposing cluster-wide secrets and compromising system integrity.

  3. CVE-2025-1974: An unauthenticated attacker with access to the pod network may achieve arbitrary code execution, risking full control over the cluster.

  4. CVE-2025-24513: A directory traversal vulnerability in the Ingress-NGINX Admission Controller allows attacker-provided data to be included in filenames, potentially leading to unauthorized access.

  5. CVE-2025-24514: The auth-url Ingress annotation can be exploited to inject malicious configurations, granting unauthorized access to secrets.

To mitigate these risks, the ACSC strongly recommends that organizations immediately upgrade to the latest versions of the Ingress-NGINX Controller. Additionally, users should regularly monitor security updates and review Kubernetes security guidance to safeguard their environments.

With the potential for remote code execution and cluster-wide compromise, swift action is essential to protect sensitive data and maintain the integrity of Kubernetes infrastructures.

spot_img

Related articles

Recent articles

84 Hours of Internet Blackout in Iran Amid Growing Unrest

Dark Watch
Iran's Internet Blackout: A Deepening Crisis Amid Unrest Four Days Without Connectivity Iran has plunged into a state of digital isolation as an internet blackout enters...
Read more

NSA Appoints Timothy Kosiba to Lead Cybersecurity Strategy

Resources
Appointment of Timothy Kosiba as NSA Deputy Director: A Leadership Milestone The National Security Agency (NSA) has recently announced a pivotal leadership change with the...
Read more

Comprehensive Threat Analysis of Cyber Campaigns in the UAE for H1 2025

Regional
Understanding the Cybersecurity Threat Landscape in the UAE: Insights from 2025 An analysis by Alain Penel, Vice President for the Middle East, Turkey, and CIS...
Read more

2026 Business Blast Radius: Dr. Amit Chaubey on Cyber Disruption as a Sovereign Risk

Dark Watch
The 2026 Business Blast Radius: Insights from Dr. Amit Chaubey In a recent conversation with The Cyber Express, Dr. Amit Chaubey, the Managing Director and...
Read more
Sign up to the Newsletter and never miss out on the latest news!
Join the Cyber Warriors community and get Insider Tips & Tricks to defend your digital assets.

© Cyberwarriorsmiddleeast.com