AI description
CVE-2025-59361 is an OS command injection vulnerability found in the cleanIptables mutation of Chaos Controller Manager. This vulnerability, in conjunction with CVE-2025-59358, allows unauthenticated attackers within a Kubernetes cluster to perform remote code execution across the cluster. Specifically, user-controlled inputs are directly incorporated into shell commands before execution. An attacker can exploit this to execute additional shell operations, like copying service-account tokens, potentially leading to privilege escalation and lateral movement within the cluster.
- Description: The cleanIptables mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster.
- Source: reefs@jfrog.com
- NVD status: Awaiting Analysis
CVSS 3.1
- Type: Secondary
- Base score: 9.8
- Impact score: 5.9
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity: CRITICAL
- reefs@jfrog.com: CWE-78
- Hype score: Not currently trending
CVE-2025-59361 (CVSS:9.8, CRITICAL) is Awaiting Analysis. The cleanIptables mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-20..https://t.co/TcHelaYxBO #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
20 Sept 2025
🚨Alert🚨CVE-2025-59358~CVE-2025-59361 : Chaos Mesh Critical GraphQL Flaws Enable RCE and Full Kubernetes Cluster Takeover 🧐Deep Dive :https://t.co/zGzdsSRVFg 📊1.6K+ Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/rwc5HnzRZD 👇Qu
@HunterMapping
17 Sept 2025
Chaotic Deputy: Critical vulnerabilities in Chaos Mesh lead to Kubernetes cluster takeover. These are CVE-2025-59358, CVE-2025-59360, CVE-2025-59361, CVE-2025-59359. The last three CVEs of Chaotic Deputy are severity (CVSS 9.8) vulnerabilities, and in-cluster attackers
@ngnicky
16 Sept 2025
💥 NEW #Security Research: We've uncovered "Chaotic Deputy," a set of 9.8-rated critical vulnerabilities in the Chaos Mesh platform including CVE-2025-59358, CVE-2025-59359, CVE-2025-59360 and CVE-2025-59361. These flaws can lead to a full Kubernetes cluster takeover. We've ht
@JFrogSecurity
16 Sept 2025
🚨 CRITICAL: CVE-2025-59361 in Chaos Controller Manager lets unauth'd in-cluster attackers run OS commands—full cluster compromise possible! Restrict access, monitor logs, & apply mitigations now. https://t.co/gxqfiSR34t... https://t.co/cxanWgFJU1
@offseq
16 Sept 2025
CVE-2025-59361 Unauthenticated Remote Code Execution in Chaos Controller Manager cleanIptables Mutation https://t.co/9fzp0qqHZA
@VulmonFeeds
15 Sept 2025
[CVE-2025-59361: CRITICAL] Chaos Controller Manager's cleanIptables mutation is vulnerable to OS command injection, posing a risk of remote code execution by unauthenticated in-cluster attackers. #cve, CVE-2025-59361, #cybersecurity https://t.co/YwnMaYaPzc https://t.co/ZIlXJNFUOc
@CveFindCom
15 Sept 2025
CVE-2025-59361 The cleanIptables mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-clust… https://t.co/s7pSZ2SmkZ
@CVEnew
15 Sept 2025