CVE-2025-1098
Published Mar 25, 2025
Last updated 21 days ago
AI description
CVE-2025-1098 is one of five critical vulnerabilities disclosed in the Ingress NGINX Controller for Kubernetes. These vulnerabilities, collectively named "IngressNightmare," could lead to unauthenticated remote code execution. The vulnerability affects the admission controller component and allows attackers to inject arbitrary Nginx configurations by sending malicious ingress objects. This can result in code execution on the Ingress NGINX Controller's pod and unauthorized access to all secrets stored across all namespaces in the Kubernetes cluster, potentially leading to a complete cluster takeover.
- Description
- A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `mirror-target` and `mirror-host` Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
- Source
- jordan@liggitt.net
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- jordan@liggitt.net
- CWE-20
- Hype score
- Not currently trending
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/QeoxJBRLwf https://t.co/wwtWqOL4AR
@IT_Peurico
3 Apr 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/9Lid64NsNm https://t.co/a9RJUkGLNZ
@NickBla41002745
31 Mar 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#wiz #IngressNightmare #POC #Security CVE-2025-24514 - auth-url injection -- when IsAuthURL = true CVE-2025-1097 - auth-tls-match-cn injection -- when IsAuthTLSMatchCN = true CVE-2025-1098 – mirror UID injection -- when IsMirrorWithUID = true Exps here: https://t.co/V9KzF45OJW
@Skyworship2
30 Mar 2025
556 Impressions
0 Retweets
5 Likes
4 Bookmarks
0 Replies
0 Quotes
Shodan query for IngressNightmare: (9.8 Critical Unauth RCE in Ingress NGINX: CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974) ssl:"nil1" port:8443 https://t.co/UyZeLktPnH
@SeniorHack82173
28 Mar 2025
11 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Wiz Research discovered CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974, a series of unauthenticated Remote Code Execution vulnerabilities in Ingress NGINX Controller for Kubernetes dubbed #IngressNightmare. https://t.co/DKk60FqzHY
@AfricaCERT
27 Mar 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨PoC Code to Exploit the IngressNightmare Vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974) https://t.co/DifyO9PFuI https://t.co/1wwKpK8hcj
@DarkWebInformer
27 Mar 2025
18614 Impressions
66 Retweets
239 Likes
71 Bookmarks
2 Replies
2 Quotes
IngressNightmare PoC available (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974) https://t.co/tWWdrj0eLw
@t3l3machus
27 Mar 2025
944 Impressions
13 Retweets
28 Likes
10 Bookmarks
0 Replies
0 Quotes
My week thanks to CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-29927, CVE-2025-24813....... https://t.co/QM3hlv6IlT
@mruston
26 Mar 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Our team has just successfully reproduced the IngressNightmare vulnerability (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974) and created a custom exploit achieving RCE. It's a Pre-Auth RCE affecting Ingress NGINX that allows complete cluster takeover. We'll htt
@carlos_crowsec
26 Mar 2025
51970 Impressions
164 Retweets
743 Likes
361 Bookmarks
10 Replies
2 Quotes
Safeguard Kubernetes from critical RCE threats (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974). Explore ASPM, remediation strategies, and Phoenix Security insights to secure your NGINX ingress and block advanced attacks. #kubernetes #vulnerability #nginx #aspm https
@sec_phoenix
26 Mar 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/ndSChz8g50 https://t.co/VSSptdSAm7
@Trej0Jass
26 Mar 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX #IngressNightmare CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 CVE-2025-1974, https://t.co/s8USBfedJJ
@freedomhack101
26 Mar 2025
41 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/0QPPHQeRNI https://t.co/e3UFJ0twAu
@secured_cyber
26 Mar 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
💬New Blog Post 👉 IS NGINX IngressNightmare bad? Bad news it is: Critical Remote Code Execution Threats (CVE-2025-1097, CVE-2025-1098, CVE-20 - https://t.co/lXOEuDJdNk
@sec_phoenix
26 Mar 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Five newly disclosed critical vulnerabilities in the Ingress NGINX Controller for Kubernetes—collectively dubbed IngressNightmare — pose a severe remote code execution (RCE) risk to cloud environments. These flaws (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and
@cytexsmb
25 Mar 2025
152 Impressions
1 Retweet
2 Likes
0 Bookmarks
2 Replies
2 Quotes
🚨 CVE-2025-1098 🔴 HIGH (8.8) 🏢 kubernetes - ingress-nginx 🏗️ 0 🔗 https://t.co/eGMAvwyIJZ #CyberCron #VulnAlert #InfoSec https://t.co/YbMz7hmPm8
@cybercronai
25 Mar 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/M5466CUVpq https://t.co/kLG5oaB8HP
@pcasano
25 Mar 2025
79 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨Patch up your Kubernetes installs. ⚠️ Affected @kubernetesio versions: < v1.11.0 v1.11.0 - 1.11.4 v1.12.0 🦠Vulnerabilities CVE-2025-1974 CVE-2025-1097 CVE-2025-1098 CVE-2025-24514 CVE-2025-24513 https://t.co/zrLTDB2rU4
@gothburz
25 Mar 2025
192 Impressions
0 Retweets
52 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL ALERT: #IngressNightmare - Four critical #RCE vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974) in #NGINX Ingress Controller for Kubernetes with #CVSS 9.8 score. This could affect a massive number of environments! https://t.co/aAepuv29JX ht
@CheckmarxZero
25 Mar 2025
400 Impressions
3 Retweets
6 Likes
0 Bookmarks
0 Replies
0 Quotes
Shodan query for IngressNightmare: (9.8 Critical Unauth RCE in Ingress NGINX: CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974) ssl:"nil1" port:8443 https://t.co/mtXaAEWWs5
@SimoKohonen
25 Mar 2025
446 Impressions
2 Retweets
4 Likes
1 Bookmark
0 Replies
0 Quotes
Shodan query for IngressNightmare: (9.8 Critical Unauth RCE in Ingress NGINX -- CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974) ssl:"nil1" port:8443 https://t.co/WNhg2vv1BG
@SimoKohonen
25 Mar 2025
3 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Shodan query for IngressNightmare: (9.8 Critical Unauth RCE in Ingress NGINX - CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974) ssl:"nil1" port:8443 https://t.co/oHXasXgHCJ
@SimoKohonen
25 Mar 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/n4lHTFJokd https://t.co/iNInsgle0s
@Trej0Jass
25 Mar 2025
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-1098: HIGH] Security issue in ingress-nginx: Exploiting 'mirror-target' and 'mirror-host' Ingress annotations could lead to arbitrary code execution and disclosure of Secrets. More details at https://git...#cybersecurity,#vulnerability https://t.co/2pqA08pv8k https://t.
@CveFindCom
25 Mar 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 Múltiples vulnerabilidades recientes de autenticación RCE en NGNIX (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098 y CVE-2025-1974) han sido denominadas colectivamente como IngressNightmare. 🧉 https://t.co/sjCbocBglv
@MarquisioX
24 Mar 2025
143 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Vulnerabilidad crítica en NGINX Controller para Kubernetes permite RCE sin autenticación CVE-2025-24513 CVE-2025-24514 CVE-2025-1097 CVE-2025-1098 CVE-2025-1974 IngressNightmare https://t.co/HawNQjP6C5 https://t.co/VwLI9zvGT4
@elhackernet
24 Mar 2025
13110 Impressions
76 Retweets
240 Likes
74 Bookmarks
1 Reply
0 Quotes