HomeCII/OTIngress-NGINX Controller Flaws Need Urgent Resolution

Ingress-NGINX Controller Flaws Need Urgent Resolution

Published on

spot_img

Multiple vulnerabilities have been detected in Ingress-NGINX Controller for Kubernetes, posing a significant risk to organizations utilizing the impacted versions. These vulnerabilities, affecting versions prior to NGINX Controller 1.12.1 and 1.11.5, have the potential to allow unauthorized remote code execution and even full cluster takeover.

The Australian Cyber Security Centre has issued an advisory outlining the various vulnerabilities found in the Ingress-NGINX Controller. These vulnerabilities arise from mishandling of ingress annotations and attacker-supplied data, leading to the execution of arbitrary code and disclosure of secrets.

The first vulnerability identified, CVE-2025-1097, exposes an issue with the auth-tls-match-cn Ingress annotation, enabling the injection of unauthorized configurations into NGINX. This vulnerability allows for arbitrary code execution within the Ingress-NGINX controller, posing a risk of unauthorized access to Secrets across namespaces and compromising the security of the cluster.

The second vulnerability, CVE-2025-1098, pertains to the mirror-target and mirror-host Ingress annotations that can be exploited to insert arbitrary configurations into NGINX. This vulnerability enables remote execution of malicious code within the Ingress-NGINX controller, potentially exposing sensitive cluster-wide Secrets and leading to system compromise.

The third vulnerability identified, CVE-2025-1974, highlights the risk of unauthenticated access to the pod network, which under certain conditions can result in arbitrary code execution. This vulnerability jeopardizes the integrity of the controller, allowing attackers to extract Secrets from the cluster and potentially gain full control.

Another vulnerability, CVE-2025-24513, involves a directory traversal flaw in the Ingress-NGINX Admission Controller, enabling attacker-provided data to be included in filenames and leading to directory traversal within the container.

Lastly, CVE-2025-24514 exposes an exploit in the auth-url Ingress annotation that can inject malicious configurations into NGINX, allowing attackers to remotely execute code within the controller and gain unauthorized access to Secrets across namespaces.

Given the critical role Ingress-NGINX Controller plays in routing external traffic to services within a Kubernetes cluster, exploiting these vulnerabilities can result in severe consequences such as remote code execution, exposure of cluster-wide Secrets, and complete takeover of the Kubernetes infrastructure.

To mitigate these vulnerabilities, organizations are advised to promptly upgrade to the latest version of Ingress-NGINX Controller, implement Kubernetes security guidance, disable external access to the admission webhook endpoint, and address specific actions for CVE-2025-1974 to enhance security measures.

Overall, the presence of these vulnerabilities in Ingress-NGINX Controller underscores the importance of proactive security measures to safeguard Kubernetes clusters against unauthorized access and potential compromise. By adhering to best practices and staying vigilant against emerging threats, organizations can fortify their environments and prevent exploitation of critical security flaws.

Source link

Latest articles

When 80,000 Fans Log On at Once: Unique Cybersecurity Issues of the 2026 World Cup

In light of the imminent 2026 World Cup, which will unfold across sixteen cities...

NPM Ecosystem Faces Two New Supply Chain Compromises

Malicious Code Discovered in npm Packages: A Growing Threat In a troubling development within the...

Eleven Vulnerable UEFI Shims Allow Secure Boot Bypass

Vulnerabilities in Microsoft-Signed UEFI Shims Pave the Way for Attacks Recent findings from cybersecurity research...

Businesses Are Running Out of Time to Prepare for the Quantum Threat, Warns Moona Ederveen-Schneider: A Q&A Session

Moona Ederveen-Schneider: A Pioneering Voice in Cybersecurity and Quantum Threat Preparedness Moona Ederveen-Schneider stands as...

More like this

When 80,000 Fans Log On at Once: Unique Cybersecurity Issues of the 2026 World Cup

In light of the imminent 2026 World Cup, which will unfold across sixteen cities...

NPM Ecosystem Faces Two New Supply Chain Compromises

Malicious Code Discovered in npm Packages: A Growing Threat In a troubling development within the...

Eleven Vulnerable UEFI Shims Allow Secure Boot Bypass

Vulnerabilities in Microsoft-Signed UEFI Shims Pave the Way for Attacks Recent findings from cybersecurity research...