CVE-2025-24514
Published Mar 25, 2025
Last updated a month ago
- Description: A security issue was discovered in ingress-nginx (https://github.com/kubernetes/ingress-nginx) where the `auth-url` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
- Source: jordan@liggitt.net
- NVD status: Awaiting Analysis
CVSS 3.1
- Type: Secondary
- Base score: 8.8
- Impact score: 5.9
- Exploitability score: 2.8
- Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity: HIGH
- jordan@liggitt.net: CWE-20
- Hype score: Not currently trending
🚨 CVE-2025-24514 : CRITICAL KUBERNETES RCE ALERT 🚨 A critical unauthenticated remote code execution vulnerability has been disclosed in ingress-nginx, exploitable via malicious injection in the `https://t.co/PSj0ioqbk2` annotation. A single crafted Ingress resource can lea
@OstorlabSec
2 Feb 2026
320 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
🚨CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974: PoC code to exploit the IngressNightmare vulnerabilities GitHub: https://t.co/TdNZwLsCcm https://t.co/mr7rRBuIUc
@DarkWebInformer
15 Oct 2025
12271 Impressions
47 Retweets
184 Likes
90 Bookmarks
0 Replies
0 Quotes
CVE-2025-24514: A security issue was discovered in ingress-nginx https://t.co/QrDtY9tO5e… where the `auth-url` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution https://t.co/8zSJ1d0kcV… https://t.co/dvYMtEDMIE
@sirjameshackz
2 Sept 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-24514: A security issue was discovered in ingress-nginx https://t.co/7gWmKPZPIV where the `auth-url` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution https://t.co/mA0zycqYQ8 https://t.co/yjqnqX1lud
@cyber_advising
12 Jun 2025
1159 Impressions
2 Retweets
11 Likes
6 Bookmarks
0 Replies
0 Quotes
Recently, the cloud security platform Wiz Research disclosed five security vulnerabilities in Ingress Nginx, specifically CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974. These are unauthenticated remote code execution vulnerabilities in the Kubernetes Ingress htt
@alibaba_cloud
21 Apr 2025
2712 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Recently, the cloud security platform Wiz Research disclosed five security vulnerabilities in Ingress Nginx, specifically CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974. These are unauthenticated remote code execution vulnerabilities in the Kubernetes Ingress htt
@alibaba_cloud
21 Apr 2025
110 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/QeoxJBRLwf https://t.co/wwtWqOL4AR
@IT_Peurico
3 Apr 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/9Lid64NsNm https://t.co/a9RJUkGLNZ
@NickBla41002745
31 Mar 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#wiz #IngressNightmare #POC #Security CVE-2025-24514 - auth-url injection -- when IsAuthURL = true CVE-2025-1097 - auth-tls-match-cn injection -- when IsAuthTLSMatchCN = true CVE-2025-1098 – mirror UID injection -- when IsMirrorWithUID = true Exps here: https://t.co/V9KzF45OJW
@Skyworship2
30 Mar 2025
556 Impressions
0 Retweets
5 Likes
4 Bookmarks
0 Replies
0 Quotes
Shodan query for IngressNightmare: (9.8 Critical Unauth RCE in Ingress NGINX: CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974) ssl:"nil1" port:8443 https://t.co/UyZeLktPnH
@SeniorHack82173
28 Mar 2025
11 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Wiz Research discovered CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974, a series of unauthenticated Remote Code Execution vulnerabilities in Ingress NGINX Controller for Kubernetes dubbed #IngressNightmare. https://t.co/DKk60FqzHY
@AfricaCERT
27 Mar 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨PoC Code to Exploit the IngressNightmare Vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974) https://t.co/DifyO9PFuI https://t.co/1wwKpK8hcj
@DarkWebInformer
27 Mar 2025
18614 Impressions
66 Retweets
239 Likes
71 Bookmarks
2 Replies
2 Quotes
IngressNightmare PoC available (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974) https://t.co/tWWdrj0eLw
@t3l3machus
27 Mar 2025
944 Impressions
13 Retweets
28 Likes
10 Bookmarks
0 Replies
0 Quotes
🔴 Major vulnerabilities found in Ingress NGINX controller for Kubernetes, known as "Ingress Nightmare." Unauthenticated remote code execution is a serious risk! 🛡️ CVEs: CVE-2025-24513, CVE-2025-24514. #K8s #NGINX #USA link: https://t.co/8i9eCYD87l https://t.co/W990iBqdoX
@TweetThreatNews
27 Mar 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
My week thanks to CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-29927, CVE-2025-24813....... https://t.co/QM3hlv6IlT
@mruston
26 Mar 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Our team has just successfully reproduced the IngressNightmare vulnerability (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974) and created a custom exploit achieving RCE. It's a Pre-Auth RCE affecting Ingress NGINX that allows complete cluster takeover. We'll htt
@carlos_crowsec
26 Mar 2025
51970 Impressions
164 Retweets
743 Likes
361 Bookmarks
10 Replies
2 Quotes
Safeguard Kubernetes from critical RCE threats (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974). Explore ASPM, remediation strategies, and Phoenix Security insights to secure your NGINX ingress and block advanced attacks. #kubernetes #vulnerability #nginx #aspm https
@sec_phoenix
26 Mar 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/ndSChz8g50 https://t.co/VSSptdSAm7
@Trej0Jass
26 Mar 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX #IngressNightmare CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 CVE-2025-1974, https://t.co/s8USBfedJJ
@freedomhack101
26 Mar 2025
41 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/0QPPHQeRNI https://t.co/e3UFJ0twAu
@secured_cyber
26 Mar 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-24514 🔴 HIGH (8.8) 🏢 kubernetes - ingress-nginx 🏗️ 0 🔗 https://t.co/nVjYHB9TqW #CyberCron #VulnAlert #InfoSec https://t.co/uB8yc8KHSw
@cybercronai
25 Mar 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Five newly disclosed critical vulnerabilities in the Ingress NGINX Controller for Kubernetes—collectively dubbed IngressNightmare — pose a severe remote code execution (RCE) risk to cloud environments. These flaws (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and
@cytexsmb
25 Mar 2025
152 Impressions
1 Retweet
2 Likes
0 Bookmarks
2 Replies
2 Quotes
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/M5466CUVpq https://t.co/kLG5oaB8HP
@pcasano
25 Mar 2025
79 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨Patch up your Kubernetes installs. ⚠️ Affected @kubernetesio versions: < v1.11.0 v1.11.0 - 1.11.4 v1.12.0 🦠Vulnerabilities CVE-2025-1974 CVE-2025-1097 CVE-2025-1098 CVE-2025-24514 CVE-2025-24513 https://t.co/zrLTDB2rU4
@gothburz
25 Mar 2025
192 Impressions
0 Retweets
52 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL ALERT: #IngressNightmare - Four critical #RCE vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974) in #NGINX Ingress Controller for Kubernetes with #CVSS 9.8 score. This could affect a massive number of environments! https://t.co/aAepuv29JX ht
@CheckmarxZero
25 Mar 2025
400 Impressions
3 Retweets
6 Likes
0 Bookmarks
0 Replies
0 Quotes
Shodan query for IngressNightmare: (9.8 Critical Unauth RCE in Ingress NGINX: CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974) ssl:"nil1" port:8443 https://t.co/mtXaAEWWs5
@SimoKohonen
25 Mar 2025
446 Impressions
2 Retweets
4 Likes
1 Bookmark
0 Replies
0 Quotes
Shodan query for IngressNightmare: (9.8 Critical Unauth RCE in Ingress NGINX -- CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974) ssl:"nil1" port:8443 https://t.co/WNhg2vv1BG
@SimoKohonen
25 Mar 2025
3 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Shodan query for IngressNightmare: (9.8 Critical Unauth RCE in Ingress NGINX - CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974) ssl:"nil1" port:8443 https://t.co/oHXasXgHCJ
@SimoKohonen
25 Mar 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/n4lHTFJokd https://t.co/iNInsgle0s
@Trej0Jass
25 Mar 2025
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-24514: HIGH] Security flaw in ingress-nginx allows injection through `auth-url` Ingress annotation, risking arbitrary code execution & Secret disclosure in controller context. Ensure immediate action. #cybersecurity, #vulnerability https://t.co/Py3SIWVNDD https://t.co
@CveFindCom
25 Mar 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 Multiple recent authentication RCE vulnerabilities in NGINX (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098 and CVE-2025-1974) have been collectively named IngressNightmare. 🧉 https://t.co/sjCbocBglv
@MarquisioX
24 Mar 2025
143 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Critical vulnerability in NGINX Controller for Kubernetes allows unauthenticated RCE CVE-2025-24513 CVE-2025-24514 CVE-2025-1097 CVE-2025-1098 CVE-2025-1974 IngressNightmare https://t.co/HawNQjP6C5 https://t.co/VwLI9zvGT4
@elhackernet
24 Mar 2025
13110 Impressions
76 Retweets
240 Likes
74 Bookmarks
1 Reply
0 Quotes