CVE-2025-24514 is a high-severity configuration injection vulnerability in the Kubernetes ingress-nginx controller. The issue arises from unsafe handling of the auth-url Ingress annotation, which can be manipulated to inject arbitrary NGINX configuration into the generated nginx configuration used by ingress-nginx. This attacker-controlled configuration can cause nginx to misbehave and, according to the advisory context, may lead to arbitrary code execution in the context of the ingress-nginx controller. The vulnerability also enables disclosure of Kubernetes Secrets accessible to the controller; in default deployments, ingress-nginx commonly has access to Secrets cluster-wide. Affected versions are ingress-nginx controller versions prior to 1.11.5 and 1.12.1, with fixes released in 1.11.5 and 1.12.1.
What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.
What an attacker gets, and what they’ve been doing with it.
An attacker who can set the auth-url annotation on an Ingress can inject arbitrary NGINX configuration, potentially achieving remote code execution in the ingress-nginx controller context. Because the controller often has broad Secret access, exploitation can also disclose Kubernetes Secrets, including in common default configurations where access is cluster-wide. Exposure of those Secrets can enable further privilege escalation and, in common scenarios, contribute to full cluster compromise.
If you can’t patch tonight, do this now.
Restrict who can create or modify Ingress resources and their annotations, including auth-url, through stricter RBAC and admission controls. Limit the ingress-nginx controller's access to Kubernetes Secrets to the minimum necessary rather than cluster-wide access where possible. Increase monitoring of ingress-nginx pod logs and Kubernetes API activity for suspicious Ingress updates. Broader ingress-nginx guidance also recommends disabling the Validating Admission Controller as a temporary mitigation for the related vulnerability set, though that mitigation is primarily tied to CVE-2025-1974 rather than specifically to CVE-2025-24514.
Patch, then assume compromise.
Upgrade to a fixed release (1.11.5 or 1.12.1), review existing Ingress resources for unexpected auth-url values, and assess whether controller-accessible Secrets may have been exposed prior to remediation.
2 valid exploits after Mallory filtered fakes, detection scripts, and README-only repos (2 hidden).
This repository contains two Python scripts, IngressNightmareV1.py and IngressNightmareV2.py, which are nearly identical in structure and function. Both scripts implement an exploit targeting Kubernetes environments, specifically leveraging exposed ingress endpoints and admission webhooks. The exploit works in two stages: first, it uploads a malicious ELF shared object (provided as a base64-encoded string in the script) to the ingress endpoint via a crafted HTTP POST request. Second, it attempts to brute-force file descriptors on the admission webhook endpoint by sending requests to /proc/{pid}/fd/{fd} paths, potentially exploiting a vulnerability that allows the attacker to keep the malicious file open and trigger its execution. The scripts use threading and concurrent requests to maximize the chance of success. The main capabilities are remote code execution or privilege escalation within a Kubernetes cluster. The scripts require the attacker to provide the ingress and admission webhook URLs as arguments. No hardcoded IPs or domains are present; all endpoints are user-supplied. The payload is a binary ELF shared object, indicating a high level of operational maturity.
This repository provides a functional exploit for unauthenticated remote code execution (RCE) vulnerabilities in the Ingress NGINX Controller for Kubernetes (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974). The exploit consists of a Python script (exploit.py) that orchestrates the attack, a C template (lib_template.c) for generating a malicious shared object (evil_engine.so) containing a reverse shell payload, and a crafted AdmissionReview JSON (review.json) for the admission controller. The workflow involves compiling the shared object with attacker-supplied host and port, uploading it to the ingress pod via a manipulated HTTP POST request, and brute-forcing Linux file descriptors via the admission webhook to trigger the payload. The exploit targets Kubernetes clusters with vulnerable Ingress NGINX Controller versions and requires both the public ingress URL and the internal admission webhook URL. The payload, when loaded, provides a reverse shell to the attacker. The repository is well-structured, with clear separation of exploit logic, payload generation, and supporting files. No hardcoded IPs or domains are present; endpoints are supplied at runtime. The exploit is operational and demonstrates a practical attack chain for cluster compromise.
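The review step in the assume-compromise checklist (checking existing Ingress objects for unexpected auth-url values) can be scripted. The following is an added example, not code from this page or from the ingress-nginx project; it assumes the controller's default annotation prefix and reads the JSON shape that `kubectl get ingress -A -o json` produces, replaced here by a constructed sample. The metacharacter list is a defender's heuristic, not the controller's own validation logic.

```python
import json
import re
from urllib.parse import urlsplit

# Annotation key under ingress-nginx's default annotation prefix (assumed;
# clusters run with a custom --annotations-prefix would differ).
AUTH_URL_KEY = "nginx.ingress.kubernetes.io/auth-url"

# Heuristic: characters that never belong in a plain auth-url but are
# meaningful in nginx configuration syntax. '$' is deliberately absent,
# because nginx variables such as $host are a legitimate part of auth-url.
CONFIG_METACHARS = re.compile(r"[\s;{}#\"'\\]")

# Constructed sample in the shape of `kubectl get ingress -A -o json`,
# trimmed to the fields the check reads. Not captured from a real cluster.
SAMPLE_INGRESS_LIST = json.dumps({"items": [
    {"metadata": {"namespace": "shop", "name": "web", "annotations": {
        AUTH_URL_KEY: "https://auth.internal/check"}}},
    {"metadata": {"namespace": "tenant-b", "name": "api", "annotations": {
        AUTH_URL_KEY: "http://auth.internal/check;\n# placeholder text {"}}},
    {"metadata": {"namespace": "sso", "name": "portal", "annotations": {
        AUTH_URL_KEY: "https://$host/oauth2/auth"}}},
    {"metadata": {"namespace": "legacy", "name": "old", "annotations": {
        AUTH_URL_KEY: "auth.internal/check"}}},
    {"metadata": {"namespace": "plain", "name": "static"}},
]})


def find_suspicious_auth_urls(ingress_list_json: str) -> list[dict]:
    """Return one finding per Ingress whose auth-url is not a plain http(s) URL."""
    findings = []
    for item in json.loads(ingress_list_json).get("items", []):
        meta = item.get("metadata", {})
        value = (meta.get("annotations") or {}).get(AUTH_URL_KEY)
        if value is None:
            continue  # no auth-url on this Ingress; nothing to review
        reasons = []
        if CONFIG_METACHARS.search(value):
            reasons.append("contains nginx configuration metacharacters")
        parts = urlsplit(value)
        if parts.scheme not in ("http", "https") or not parts.netloc:
            reasons.append("not a plain http(s) URL")
        if reasons:
            findings.append({"namespace": meta.get("namespace"),
                             "name": meta.get("name"),
                             "value": value, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in find_suspicious_auth_urls(SAMPLE_INGRESS_LIST):
        print(f"{f['namespace']}/{f['name']}: {'; '.join(f['reasons'])}: {f['value']!r}")
```

Any hit is a reason to inspect the Ingress object's history (who changed it and when) and to treat the Secrets the controller could read as potentially exposed, even after the controller has been upgraded.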
12 sources tracked across advisories, community write-ups, and news.
One of a set of critical Ingress NGINX Controller vulnerabilities that can lead to unauthenticated remote code execution in Kubernetes environments.
A high-severity configuration injection vulnerability in ingress-nginx controller via unsanitized auth-url annotation, potentially allowing attackers to inject malicious NGINX configuration.
One of the ingress-nginx vulnerabilities patched in the March 2025 release; the article groups it among flaws involving nginx configuration handling that could contribute to Secret exposure and cluster takeover.
Ingress-nginx annotation injection issue allowing a low-privileged attacker to inject arbitrary NGINX configuration via auth-url, potentially enabling remote code execution and ingress resource compromise.