PoC Exploit Released for Ingress-NGINX RCE Vulnerabilities
gbhackersA recently disclosed vulnerability in Ingress-NGINX, tracked as CVE-2025-1974, has raised concerns about the security of Kubernetes environments.
This vulnerability allows for Remote Code Execution (RCE) through the validating webhook server integrated into Ingress-NGINX. A Proof of Concept (PoC) exploit has been released, demonstrating how attackers could exploit this flaw.
CVE-2025-1974 affects versions of Ingress-NGINX where the validating webhook is enabled. The webhook listens on port 8443 and is designed to validate configurations before applying them to NGINX instances.
However, due to a security oversight, an attacker can craft malicious AdmissionRequests containing NGINX configurations that lead to RCE.
PoC Exploit
The PoC exploit has been tested in a local Minikube environment. Here’s a step-by-step guide on how it works:
-
Create a Vulnerable Pod:
Users start by applying the relevant NGINX Ingress controller configuration using Kubernetes:
kubectl apply -f nginx-ingress-controller.yaml-
Identify the Webhook Server:
Describing the pod reveals details ...
Copyright of this story solely belongs to gbhackers . To see the full text click HERE