Ingress NGINX: Critical Unauthenticated Remote Code Execution Vulnerabilities
Tech Unplugged · Sublimetechie
Audio is streamed directly from the publisher (content.rss.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Wiz Research disclosed critical unauthenticated remote code execution (RCE) vulnerabilities, collectively named #IngressNightmare, affecting the Ingress NGINX Controller for Kubernetes. Exploiting these flaws could allow attackers to gain complete control over Kubernetes clusters by accessing all stored secrets. The vulnerabilities, identified as CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974, stem from the unauthenticated network access to the admission controller and the ability to inject malicious NGINX configurations. The research details how these injections, particularly through annotation parsers and the mirror UID, combined with a code execution vulnerability in the NGINX configuration testing phase, enable RCE by loading arbitrary shared libraries. Patches are available in Ingress NGINX Controller versions 1.12.1 and 1.11.5, and mitigations include restricting network access to the admission controller or temporarily disabling it.