Five security vulnerabilities have been disclosed in the Ingress NGINX Controller for Kubernetes. Chained together they allow unauthenticated remote code execution, and more than 6,500 clusters are estimated to be at risk because their admission controllers are reachable from the public internet.
The flaws (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and CVE-2025-1974) have been collectively named IngressNightmare by the cloud security firm Wiz; the most severe of them, CVE-2025-1974, carries a CVSS score of 9.8. Note that they do not affect the NGINX Ingress Controller, F5's separate ingress controller implementation for NGINX and NGINX Plus, despite the similar name.
According to Wiz, in a report shared with The Hacker News, exploiting these vulnerabilities gives an attacker unauthorized access to all secrets stored across all namespaces of the Kubernetes cluster, which can lead to a complete cluster takeover.
IngressNightmare lies in the admission controller component of the Ingress NGINX Controller for Kubernetes; Wiz estimates that approximately 43% of cloud environments are vulnerable.
The Ingress NGINX Controller uses NGINX as a reverse proxy and load balancer to expose HTTP and HTTPS routes from outside the cluster to services running inside it.
The attack relies on the fact that the admission controller, which runs as a pod inside the cluster, accepts connections over the network without authentication.
By sending an AdmissionReview request that wraps a crafted Ingress object directly to the admission controller, bypassing the Kubernetes API server, an attacker can inject arbitrary NGINX configuration: annotation values from the object are copied into a temporary NGINX configuration that the controller validates by running the NGINX binary, so a directive injected that way executes in the Ingress NGINX Controller's pod.
Wiz explained that the admission controller’s elevated privileges and unrestricted network accessibility create a critical escalation path. Exploiting this flaw allows an attacker to execute arbitrary code and access all cluster secrets across namespaces, potentially leading to complete cluster takeover.
The identified vulnerabilities are as follows:
- CVE-2025-24514 – auth-url Annotation Injection
- CVE-2025-1097 – auth-tls-match-cn Annotation Injection
- CVE-2025-1098 – mirror UID Injection
- CVE-2025-1974 – NGINX Configuration Code Execution
- CVE-2025-24513 – auth secret file path traversal (rated lower severity)
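The three annotation-injection entries above share one shape: an Ingress annotation value is interpolated into the generated NGINX configuration without being checked for directive syntax. The following is an added example that models that bug class; it is not the ingress-nginx template, the project's fix, or Wiz's proof of concept, and the `location` fragment is illustrative only. It shows a naive renderer accepting a value that smuggles in an extra directive, beside a hardened renderer that rejects anything other than a plain http(s) URL.

```python
"""Model of the annotation-injection bug class behind IngressNightmare. Added
example: neither the ingress-nginx template nor the project's fix; the location
block is illustrative. The point is the shape of the flaw: an Ingress annotation
value is spliced verbatim into NGINX configuration, so a value containing a
newline and ';' smuggles in extra directives."""
import re

# Illustrative fragment standing in for the controller's auth-url handling.
# Braces are doubled because str.format() is used for interpolation.
TEMPLATE = (
    "location = /_external-auth {{\n"
    "    internal;\n"
    "    proxy_pass {auth_url};\n"
    "}}\n"
)


def render_naive(auth_url: str) -> str:
    """Vulnerable: trusts the annotation value completely."""
    return TEMPLATE.format(auth_url=auth_url)


class InvalidAnnotation(ValueError):
    pass


# Absolute http(s) URL built only from URL characters. Anything NGINX could read
# as directive syntax (newline, ';', '{', '}', '#', whitespace) cannot match.
_SAFE_URL = re.compile(r"https?://[A-Za-z0-9.\-]+(?::\d{1,5})?(?:/[A-Za-z0-9._~\-/%?=&]*)?")


def validate_auth_url(value: str) -> str:
    """Reject rather than escape: there is no safe way to quote an arbitrary
    string into a directive argument, so only a strict allow-list is accepted."""
    if not _SAFE_URL.fullmatch(value):
        raise InvalidAnnotation(f"auth-url rejected: {value!r}")
    return value


def render_hardened(auth_url: str) -> str:
    """Hardened: validates before interpolating."""
    return TEMPLATE.format(auth_url=validate_auth_url(auth_url))


def accepts(auth_url: str) -> bool:
    """True when the hardened renderer would accept the annotation value."""
    try:
        validate_auth_url(auth_url)
        return True
    except InvalidAnnotation:
        return False


def directive_count(rendered: str) -> int:
    """Number of ';'-terminated statements; the template legitimately emits two."""
    return len(re.findall(r";\s*$", rendered, flags=re.MULTILINE))


# Constructed values: a benign annotation and one carrying an injected directive.
BENIGN = "http://auth.internal:8080/verify?x=1"
MALICIOUS = "http://auth.internal/verify;\n    injected_directive on"

if __name__ == "__main__":
    print(render_naive(MALICIOUS))  # three statements: one was injected
    try:
        render_hardened(MALICIOUS)
    except InvalidAnnotation as e:
        print("rejected:", e)
```

The design choice worth copying is the last one: configuration languages like NGINX's have no general escaping rule for untrusted arguments, so a controller that renders user-controlled values into them has to validate against a narrow allow-list and refuse the object, which is what an admission controller is for in the first place.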
In Wiz's proof-of-concept attack, the threat actor first plants a malicious shared library inside the controller pod by abusing NGINX's client-body buffering, under which a sufficiently large request body is written to a temporary file on disk, and then sends an AdmissionReview request to the admission controller.
That request carries one of the configuration directive injections listed above, and the injected directive makes NGINX load the planted shared library, resulting in remote code execution.
Hillai Ben-Sasson, a cloud security researcher at Wiz, told The Hacker News that the attack chain involves injecting malicious configuration and using it to read sensitive files and run arbitrary code, which can allow an attacker to abuse a strong Service Account to read Kubernetes secrets and ultimately take over the cluster.
Following responsible disclosure, the vulnerabilities have been addressed in Ingress NGINX Controller versions 1.12.1, 1.11.5, and 1.10.7.
Users are advised to update to a fixed version as soon as possible and to ensure that the admission webhook endpoint is not exposed outside the cluster.
Where updating immediately is not possible, restrict network access to the admission controller so that only the Kubernetes API server can reach it (for example with a NetworkPolicy), or temporarily disable the admission controller component if it is not needed by deleting its ValidatingWebhookConfiguration and removing the --validating-webhook argument from the controller deployment.
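To turn the update and mitigation advice into something checkable, the following added example (not Wiz's tooling or ingress-nginx project code) triages a cluster offline from the JSON that `kubectl get pods -A -o json` and `kubectl get svc -A -o json` produce: it flags controller images older than the fixed releases named above, flags admission Services that are reachable from outside the cluster, and builds a NetworkPolicy that limits the webhook port to the API server. The webhook port 8443, the `-admission` Service name suffix and the `app.kubernetes.io/component=controller` label are the upstream defaults as assumed here; the sample data is constructed, not captured from a real cluster.

```python
"""Offline triage for the IngressNightmare advisory. Added example, not Wiz's
tooling or ingress-nginx project code. Reads `kubectl get pods/svc -A -o json`
output, flags controller images older than the fixed releases (1.12.1, 1.11.5,
1.10.7), flags externally reachable admission Services, and builds a
NetworkPolicy limiting the webhook port to the API server. Port, label and
Service names are the upstream defaults as assumed here."""
import json
import re
from typing import Optional

FIXED_PATCH = {(1, 12): 1, (1, 11): 5, (1, 10): 7}  # release branch -> first fixed patch
ADMISSION_PORT = 8443  # assumption: default --validating-webhook port

# Upstream image names (controller and controller-chroot); adjust for private mirrors.
_IMAGE_RE = re.compile(r"ingress-nginx/controller(?:-chroot)?:v?(\d+)\.(\d+)\.(\d+)")


def parse_controller_version(image: str) -> Optional[tuple]:
    """Return (major, minor, patch) for an ingress-nginx controller image, else None."""
    m = _IMAGE_RE.search(image)
    return tuple(int(x) for x in m.groups()) if m else None


def is_vulnerable(version: tuple) -> bool:
    """True when the version predates the fix on its branch. Branches older than
    1.10 never received a fix; branches newer than 1.12 were released after it."""
    major, minor, patch = version
    branch = (major, minor)
    if branch in FIXED_PATCH:
        return patch < FIXED_PATCH[branch]
    return branch < (1, 10)


def vulnerable_controllers(pods: dict) -> list:
    """Every pod running an unpatched controller image."""
    found = []
    for pod in pods.get("items", []):
        spec = pod["spec"]
        for c in spec.get("containers", []) + spec.get("initContainers", []):
            v = parse_controller_version(c["image"])
            if v and is_vulnerable(v):
                found.append({"namespace": pod["metadata"]["namespace"],
                              "pod": pod["metadata"]["name"], "image": c["image"]})
    return found


def exposed_admission_services(svcs: dict) -> list:
    """Admission webhook Services of type NodePort or LoadBalancer, i.e. reachable
    without first being inside the cluster network."""
    out = []
    for svc in svcs.get("items", []):
        name = svc["metadata"]["name"]
        svc_type = svc["spec"].get("type", "ClusterIP")
        if name.endswith("-admission") and svc_type in ("NodePort", "LoadBalancer"):
            out.append({"namespace": svc["metadata"]["namespace"], "name": name, "type": svc_type})
    return out


def admission_network_policy(namespace: str, apiserver_cidrs: list) -> dict:
    """NetworkPolicy allowing the webhook port only from the API server addresses
    while leaving proxy traffic on 80/443 open. Health/metrics ports may need an
    extra rule depending on how the CNI treats kubelet probes."""
    return {
        "apiVersion": "networking.k8s.io/v1",
        "kind": "NetworkPolicy",
        "metadata": {"name": "restrict-admission-webhook", "namespace": namespace},
        "spec": {
            "podSelector": {"matchLabels": {"app.kubernetes.io/component": "controller"}},
            "policyTypes": ["Ingress"],
            "ingress": [
                {"from": [{"ipBlock": {"cidr": c}} for c in apiserver_cidrs],
                 "ports": [{"protocol": "TCP", "port": ADMISSION_PORT}]},
                {"ports": [{"protocol": "TCP", "port": 80}, {"protocol": "TCP", "port": 443}]},
            ],
        },
    }


# Constructed sample data, trimmed to the fields used; not from a real cluster.
SAMPLE_PODS = {"items": [
    {"metadata": {"namespace": "ingress-nginx", "name": "ingress-nginx-controller-7d8f"},
     "spec": {"containers": [{"name": "controller",
                              "image": "registry.k8s.io/ingress-nginx/controller:v1.11.3"}]}},
    {"metadata": {"namespace": "edge", "name": "ingress-nginx-controller-abc1"},
     "spec": {"containers": [{"name": "controller",
                              "image": "registry.k8s.io/ingress-nginx/controller-chroot:v1.12.1"}]}},
    {"metadata": {"namespace": "kube-system", "name": "coredns-1"},
     "spec": {"containers": [{"name": "coredns",
                              "image": "registry.k8s.io/coredns/coredns:v1.11.1"}]}},
]}
SAMPLE_SVCS = {"items": [
    {"metadata": {"namespace": "ingress-nginx", "name": "ingress-nginx-controller-admission"},
     "spec": {"type": "NodePort"}},
    {"metadata": {"namespace": "edge", "name": "ingress-nginx-controller-admission"},
     "spec": {"type": "ClusterIP"}},
]}

if __name__ == "__main__":
    for f in vulnerable_controllers(SAMPLE_PODS):
        print("UNPATCHED", f)
    for s in exposed_admission_services(SAMPLE_SVCS):
        print("EXPOSED  ", s)
    # kubectl apply -f accepts JSON, so this can be piped straight in.
    print(json.dumps(admission_network_policy("ingress-nginx", ["10.0.0.2/32"]), indent=2))
```

Two caveats when applying the policy for real: the source address of the API server's webhook calls is not always the API server's own IP (managed control planes may route through a tunnel or a node), so confirm it from the CNI's flow logs before choosing the CIDR; and a NetworkPolicy only narrows who can reach the webhook, it does not remove the vulnerable code path, so it is a stopgap until the controller is on a fixed release.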