A series of remote code execution (RCE) vulnerabilities collectively known as "IngressNightmare" has been discovered in the Ingress NGINX Controller for Kubernetes.
These vulnerabilities, tracked as CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974, pose a critical threat to Kubernetes clusters, allowing attackers to gain unauthorized access to all cluster secrets and potentially take control of the entire cluster.
CVE-2025-24514: auth-url Annotation Injection
The CVE-2025-24514 vulnerability arises from the handling of authentication-related annotations, specifically the nginx.ingress.kubernetes.io/auth-url annotation.
In the authReq parser, the auth-url field is not properly sanitized when it is incorporated into the NGINX configuration.
This oversight allows attackers to inject arbitrary NGINX directives by crafting malicious annotations.
For example, if an attacker uses the following annotation:
nginx.ingress.kubernetes.io/auth-url: "http://example.com/#;\ninjection_point"
The resulting NGINX configuration might appear as:
proxy_http_version 1.1;
set $target http://example.com/#;
injection_point
proxy_pass $target;
This vulnerability is particularly dangerous because it allows attackers to inject directives into the NGINX configuration, potentially leading to remote code execution.
CVE-2025-1097: auth-tls-match-cn Annotation Injection
According to the Wiz reports, CVE-2025-1097 involves the nginx.ingress.kubernetes.io/auth-tls-match-cn annotation, which requires a value starting with "CN=" followed by a valid regular expression.
However, attackers can bypass these checks to inject arbitrary configuration. For example, using the annotation:
nginx.ingress.kubernetes.io/auth-tls-match-cn: "CN=abc #(\n){}\n }}\nglobal_injection;\n#"
can lead to the injection of arbitrary NGINX directives into the configuration file.
To exploit this, attackers need access to a TLS certificate or keypair secret in the cluster, which is often readily available in managed environments. Commonly exploited secrets include:
kube-system/konnectivity-certs
kube-system/azure-wi-webhook-server-cert
kube-system/aws-load-balancer-webhook-tls
kube-system/hubble-server-certs
kube-system/cilium-ca
calico-system/node-certs
cert-manager/cert-manager-webhook-ca
linkerd/linkerd-policy-validator-k8s-tls
linkerd/linkerd-proxy-injector-k8s-tls
linkerd/linkerd-sp-validator-k8s-tls
CVE-2025-1098: Mirror UID Injection
In this vulnerability, the mirror annotation parser allows attackers to inject arbitrary directives by manipulating the UID field of the Ingress object.
Since this input is not sanitized by the regex rules applied to annotations, attackers can easily escape the intended context and inject arbitrary NGINX configuration.
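The three injection primitives above share one root cause: a value that the controller templates verbatim into nginx.conf, where a semicolon, brace, hash or newline ends the intended directive. The following audit script is an added example, not ingress-nginx's own validation code. It reads Ingress objects in the JSON shape printed by kubectl and flags auth-url and auth-tls-match-cn values containing configuration metacharacters, plus any metadata.uid that is not a UUID (the mirror parser templates the UID as-is). The annotation keys are the ones named in this article; the sample objects are constructed, and the decision to reject a "#" fragment in auth-url is a deliberately strict choice, since an auth endpoint URL has no legitimate use for one.

```python
"""Audit Ingress objects for values that could break out of their NGINX
configuration context. Added example; not ingress-nginx project code."""
import json
import re
from urllib.parse import urlsplit

# Characters that terminate a directive, open/close a block, or start a comment
# in nginx.conf. Any of them inside a templated value is a breakout attempt.
CONFIG_BREAKOUT = re.compile(r"[;{}#\r\n]")

# Kubernetes object UIDs are RFC 4122 UUIDs; anything else was not set by the API server.
UUID_RE = re.compile(
    r"^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$", re.I)


def auth_url_is_clean(value):
    """auth-url must be a plain http(s) URL with a host and no metacharacters."""
    if CONFIG_BREAKOUT.search(value):
        return False
    parts = urlsplit(value)
    return parts.scheme in ("http", "https") and bool(parts.netloc)


def match_cn_is_clean(value):
    """auth-tls-match-cn must be 'CN=' followed by a compilable regex that
    contains no metacharacters (checked before compiling, so a hostile value
    never reaches the regex engine)."""
    if not value.startswith("CN=") or CONFIG_BREAKOUT.search(value):
        return False
    try:
        re.compile(value[3:])
    except re.error:
        return False
    return True


# Annotation keys as named in the article, mapped to their validator.
CHECKS = {
    "nginx.ingress.kubernetes.io/auth-url": auth_url_is_clean,
    "nginx.ingress.kubernetes.io/auth-tls-match-cn": match_cn_is_clean,
}


def audit_ingress(ingress):
    """Return a list of (field, value) findings for a single Ingress dict."""
    findings = []
    meta = ingress.get("metadata", {})
    annotations = meta.get("annotations", {}) or {}
    for key, check in CHECKS.items():
        value = annotations.get(key)
        if value is not None and not check(value):
            findings.append((key, value))
    uid = meta.get("uid", "")
    if uid and not UUID_RE.match(uid):  # UID is templated verbatim by the mirror parser
        findings.append(("metadata.uid", uid))
    return findings


def audit_ingress_list(doc):
    """Audit a kubectl List document ({"items": [...]}) and return
    {"namespace/name": findings} for every Ingress with at least one finding."""
    report = {}
    for item in doc.get("items", []):
        findings = audit_ingress(item)
        if findings:
            meta = item.get("metadata", {})
            report[f"{meta.get('namespace', 'default')}/{meta.get('name', '?')}"] = findings
    return report


def audit_kubectl_output(text):
    """Convenience wrapper for the raw output of `kubectl get ingress -A -o json`."""
    return audit_ingress_list(json.loads(text))


# Constructed sample: one benign Ingress and two carrying the payload shapes shown above.
SAMPLE = {"items": [
    {"metadata": {"namespace": "web", "name": "api",
                  "uid": "a3f5e6d2-1b8c-4e0f-9a7d-2c4b6e8f0a12",
                  "annotations": {
                      "nginx.ingress.kubernetes.io/auth-url": "https://auth.example.com/verify",
                      "nginx.ingress.kubernetes.io/auth-tls-match-cn": "CN=.*\\.internal$"}}},
    {"metadata": {"namespace": "shop", "name": "evil-auth",
                  "uid": "b7c2d9e1-3f4a-4b5c-8d6e-1a2b3c4d5e6f",
                  "annotations": {
                      "nginx.ingress.kubernetes.io/auth-url": "http://example.com/#;\ninjection_point"}}},
    {"metadata": {"namespace": "shop", "name": "evil-cn",
                  "uid": "abc;\ninjected_directive",
                  "annotations": {
                      "nginx.ingress.kubernetes.io/auth-tls-match-cn":
                          "CN=abc #(\n){}\n }}\nglobal_injection;\n#"}}},
]}

if __name__ == "__main__":
    for name, findings in audit_ingress_list(SAMPLE).items():
        for field, value in findings:
            print(f"{name}: suspicious {field} = {value!r}")
```

In a live cluster, feed `kubectl get ingress -A -o json` into audit_kubectl_output; a non-empty report is worth an incident ticket even on a patched controller, because nothing legitimate puts a newline or a brace into these fields.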
CVE-2025-1974: NGINX Configuration Code Execution
While the previous vulnerabilities allow for configuration injection, CVE-2025-1974 demonstrates how these injections can be leveraged for remote code execution.
By exploiting the ssl_engine directive within the injected configuration, attackers can load arbitrary shared libraries from the filesystem.
This is achieved by using NGINX's client body buffering feature to temporarily save a shared library onto the pod's filesystem and then specifying its ProcFS path to load it as a library.
Exploitation Steps
The exploitation involves the following key steps:
- Upload Shared Library: Send a large HTTP request with the shared library as its body to the NGINX instance, causing it to save the library temporarily.
- Keep File Descriptor Open: Use a Content-Length header that exceeds the actual request size, keeping the file descriptor open even after NGINX removes the file.
- Inject Directive: Send an AdmissionReview request with the ssl_engine directive pointing to the file descriptor path.
- Achieve RCE: The library is loaded, allowing arbitrary code execution due to NGINX's elevated privileges and access to all cluster secrets.
Mitigation and Detection
To mitigate these vulnerabilities, users should:
- Update Ingress NGINX Controller: Move to version 1.12.1 or 1.11.5.
- Restrict Admission Webhook Access: Ensure the admission webhook endpoint is not exposed to the public internet.
- Enforce Network Policies: Allow only the Kubernetes API server to access the admission controller.
- Disable the Admission Controller Temporarily: If an immediate update is not feasible.
As these vulnerabilities expose clusters to significant risk, immediate action is advised to secure Ingress NGINX Controllers and prevent potential takeovers.
The security community encourages ongoing vigilance regarding admission controllers, often overlooked but critical components in Kubernetes environments.
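The checks below turn the mitigation list into something a defender can run. This is an added example, not ingress-nginx project code: it parses the controller's image tag and decides whether it is on a fixed release (1.11.5 within the 1.11 series, 1.12.1 otherwise, as stated above; treating later minors as fixed is an assumption), lists webhook Services of a type reachable from outside the cluster, and builds a NetworkPolicy that restricts the webhook port to the API server while leaving the proxied ports open. The Service name containing "admission", the pod labels and webhook port 8443 are the upstream Helm chart defaults to the best of my knowledge and are assumptions here; the API server CIDR is a placeholder you must take from your own cluster, and the Service list is constructed.

```python
"""Mitigation checks for the IngressNightmare advisory. Added example; not
ingress-nginx project code. Labels, Service names and port 8443 are assumed
Helm-chart defaults."""
import json
import re

FIXED_IN_1_11 = (1, 11, 5)  # fixed release in the 1.11 series, per the advisory
FIXED_IN_1_12 = (1, 12, 1)  # fixed release in the 1.12 series, per the advisory


def parse_controller_version(image_ref):
    """Return (major, minor, patch) from a controller image reference such as
    'registry.k8s.io/ingress-nginx/controller:v1.11.4@sha256:...', or None."""
    ref = image_ref.split("@", 1)[0]  # drop any digest before searching
    m = re.search(r"v?(\d+)\.(\d+)\.(\d+)", ref)
    return tuple(int(x) for x in m.groups()) if m else None


def is_patched(version):
    """True if the release carries the fix. 1.10 and older have no fixed release
    and fail this check; minors after 1.12 are assumed to keep the fix."""
    if version is None:
        return False
    major, minor, _ = version
    if (major, minor) == (1, 11):
        return version >= FIXED_IN_1_11
    return version >= FIXED_IN_1_12


def exposed_admission_services(service_list):
    """From a kubectl Service List, return namespace/name of Services that front
    the admission webhook (name contains 'admission') and are of a type reachable
    from outside the cluster. ClusterIP is not flagged; it is still reachable
    from inside the cluster, which is what the NetworkPolicy below addresses."""
    exposed = []
    for svc in service_list.get("items", []):
        meta, spec = svc.get("metadata", {}), svc.get("spec", {})
        if "admission" not in meta.get("name", ""):
            continue
        if spec.get("type", "ClusterIP") in ("NodePort", "LoadBalancer"):
            exposed.append(f"{meta.get('namespace')}/{meta.get('name')}")
    return exposed


def admission_network_policy(namespace, apiserver_cidr):
    """Build a NetworkPolicy allowing only apiserver_cidr to reach the webhook
    port 8443 while keeping 80/443 open to all sources. Selecting the controller
    pods with policyTypes Ingress blocks everything not listed, so ports such as
    metrics need their own rule. apiserver_cidr is a placeholder; on managed
    clusters take it from the provider's control-plane documentation."""
    return {
        "apiVersion": "networking.k8s.io/v1",
        "kind": "NetworkPolicy",
        "metadata": {"name": "ingress-nginx-admission-from-apiserver",
                     "namespace": namespace},
        "spec": {
            "podSelector": {"matchLabels": {
                "app.kubernetes.io/name": "ingress-nginx",        # assumed chart labels
                "app.kubernetes.io/component": "controller"}},
            "policyTypes": ["Ingress"],
            "ingress": [
                # proxied application traffic stays open to every source
                {"ports": [{"protocol": "TCP", "port": 80},
                           {"protocol": "TCP", "port": 443}]},
                # the admission webhook only from the API server
                {"from": [{"ipBlock": {"cidr": apiserver_cidr}}],
                 "ports": [{"protocol": "TCP", "port": 8443}]},
            ],
        },
    }


# Constructed sample Service list: the data-plane Service is a LoadBalancer as
# usual, but the webhook Service has been (wrongly) switched to NodePort.
SAMPLE_SERVICES = {"items": [
    {"metadata": {"namespace": "ingress-nginx", "name": "ingress-nginx-controller"},
     "spec": {"type": "LoadBalancer"}},
    {"metadata": {"namespace": "ingress-nginx", "name": "ingress-nginx-controller-admission"},
     "spec": {"type": "NodePort"}},
]}

if __name__ == "__main__":
    for ref in ("registry.k8s.io/ingress-nginx/controller:v1.11.4@sha256:0000",
                "registry.k8s.io/ingress-nginx/controller:v1.12.1"):
        v = parse_controller_version(ref)
        print(ref, "->", "patched" if is_patched(v) else "VULNERABLE, upgrade")
    print("exposed webhook services:", exposed_admission_services(SAMPLE_SERVICES))
    print(json.dumps(admission_network_policy("ingress-nginx", "10.0.0.0/28"), indent=2))
```

The image reference comes from `kubectl -n ingress-nginx get deploy -o jsonpath='{.items[*].spec.template.spec.containers[*].image}'`, and the Service list from `kubectl get svc -A -o json`. Apply the generated policy only after confirming the CIDR the API server actually connects from; a wrong CIDR silently breaks admission for every Ingress change.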