A set of five critical security shortcomings have been disclosed in the Ingress NGINX Controller for Kubernetes that could result in unauthenticated remote code execution, putting over 6,500 clusters at immediate risk by exposing the component to the public internet.
The vulnerabilities (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and CVE-2025-1974 ), assigned a CVSS score of 9.8, have been collectively codenamed IngressNightmare by cloud security firm Wiz. It’s worth noting that the shortcomings do not impact NGINX Ingress Controller, which is another ingress controller implementation for NGINX and NGINX Plus.
“Exploitation of these vulnerabilities leads to unauthorized access to all secrets stored across all namespaces in the Kubernetes cluster by attackers, which can result in cluster takeover,” the company said in a report shared with The Hacker News.
IngressNightmare, at its core, affects the admission controller component of the Ingress NGINX Controller for Kubernetes. About 43% of cloud environments are vulnerable to these vulnerabilities.
Ingress NGINX Controller uses NGINX as a reverse proxy and load balancer, making it possible to expose HTTP and HTTPS routes from outside a cluster to services within it.
The vulnerability takes advantage of the fact that admission controllers, deployed within a Kubernetes pod, are accessible over the network without authentication.
Specifically, it involves injecting an arbitrary NGINX configuration remotely by sending a malicious ingress object (aka AdmissionReview requests) directly to the admission controller, resulting in code execution on the Ingress NGINX Controller’s pod.
“The admission controller’s elevated privileges and unrestricted network accessibility create a critical escalation path,” Wiz explained. “Exploiting this flaw allows an attacker to execute arbitrary code and access all cluster secrets across namespaces, that could lead to complete cluster takeover.”
The shortcomings are listed below –
- CVE-2025-24514 – auth-url Annotation Injection
- CVE-2025-1097 – auth-tls-match-cn Annotation Injection
- CVE-2025-1098 – mirror UID Injection
- CVE-2025-1974 – NGINX Configuration Code Execution
In an experimental attack scenario, a threat actor could upload a malicious payload in the form of a shared library to the pod by using the client-body buffer feature of NGINX, followed by sending an AdmissionReview request to the admission controller.
The request, in turn, contains one of the aforementioned configuration directive injections that causes the shared library to be loaded, effectively leading to remote code execution.
Hillai Ben-Sasson, cloud security researcher at Wiz, told The Hacker News that the attack chain essentially involves injecting malicious configuration, and utilizing it to read sensitive files and run arbitrary code. This could subsequently permit an attacker to abuse a strong Service Account in order to read Kubernetes secrets and ultimately facilitate cluster takeover.
Following responsible disclosure, the vulnerabilities have been addressed in Ingress NGINX Controller versions 1.12.1, 1.11.5, and 1.10.7.
Users are recommended to update to the latest version as soon as possible and ensure that the admission webhook endpoint is not exposed externally.
As mitigations, it’s advised to limit only the Kubernetes API Server to access the admission controller and temporarily disable the admission controller component if it’s not needed.