Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover
Wiz researchers have unearthed several critical vulnerabilities affecting Ingress NGINX Controller for Kubernetes (ingress-nginx) that may allow attackers to take over Kubernetes clusters.
“Based on our analysis, about 43% of cloud environments are vulnerable to these vulnerabilities, with our research uncovering over 6,500 clusters, including Fortune 500 companies, that publicly expose vulnerable Kubernetes ingress controllers’ admission controllers to the public internet—putting them at immediate critical risk,” the researchers noted.
The “IngressNightmare” vulnerabilities
Ingress NGINX Controller for Kubernetes – not to be confused with F5’s NGINX Ingress Controller – is a widely used open source controller for managing network traffic in Kubernetes clusters. It uses the NGINX web server as a reverse proxy and load balancer.
Ingress is a Kubernetes feature that is used for exposing workload pods (i.e., containers running on a cluster) externally. Ingress NGINX Controller for Kubernetes uses nginx configurations based on Ingress objects to route external traffic to applications running within Kubernetes clusters.
“Proper handling of these nginx configuration parameters is crucial, because ingress-nginx needs to allow users significant flexibility while preventing them from accidentally or intentionally tricking nginx into doing things it shouldn’t,” Kubernetes’ Tabitha Sable explained.
Unfortunately, the discovered vulnerabilities – which have collectively been dubbed “IngressNightmare” – may allow unauthenticated attackers to “cause nginx to misbehave” by serving a specially-crafted Ingress object.
The vulnerabilities are:
- CVE-2025-1097 – Allows for configuration injection via the “auth-tls-match-cn” Ingress annotation
- CVE-2025-1098 – Allows for configuration injection via the “mirror-target” and “mirror-host” Ingress annotations
- CVE-2025-24514 – Allows for configuration injection via the “auth-url” Ingress annotation
- CVE-2025-1974 – Allows for arbitrary code execution in the context of the ingress-nginx controller
- CVE-2025-24513 – Allows for directory traversal within the target container
“The most serious of [the] vulnerabilities, CVE-2025-1974, rated 9.8 CVSS, allows anything on the Pod network to exploit configuration injection vulnerabilities via the Validating Admission Controller feature of ingress-nginx. When combined with [the configuration injection] vulnerabilities, CVE-2025-1974 means that anything on the Pod network has a good chance of taking over your Kubernetes cluster, with no credentials or administrative access required,” Sable explained.
“In many common scenarios, the Pod network is accessible to all workloads in your cloud VPC, or even anyone connected to your corporate network!”
IngressNightmare vulnerabilities can be exploited by external and internal attackers (Source: Wiz)
Upgrade the controller or deploy mitigations
Wiz researchers have released technical details about the vulnerabilities and a video demonstration of their RCE exploit.
Ingress-nginx maintainers have fixed the vulnerabilities in v1.12.1 and v1.11.5 of the controller; cluster admins should upgrade immediately.
“If you can’t upgrade right away, you can significantly reduce your risk by turning off the Validating Admission Controller feature of ingress-nginx,” Sable pointed out, adding that this should only be a temporary measure.
“If you turn off the Validating Admission Controller feature as a mitigation for CVE-2025-1974, remember to turn it back on after you upgrade. This feature provides important quality of life improvements for your users, warning them about incorrect Ingress configurations before they can take effect.”
Wiz researchers have also noted that enforcing strict network policies so only the Kubernetes API Server can access the admission controller can serve as a mitigation.
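As an added example (not part of the article, and not code from Wiz or the ingress-nginx project), the following POSIX shell script covers the two defender steps above: it flags controller pods whose image tag is below the fixed releases v1.12.1 / v1.11.5, and it prints a NetworkPolicy of the kind Wiz suggests, one that keeps proxied HTTP/HTTPS traffic open but allows the admission webhook port only from the API server. The sample pod listing is constructed; the image name registry.k8s.io/ingress-nginx/controller is the project's upstream image, while the webhook port 8443, the pod labels, the namespace and the API server CIDR are assumptions to verify against your own deployment.

```shell
#!/bin/sh
# Added example: audit ingress-nginx controller versions and emit a
# NetworkPolicy restricting the admission webhook. Not project code.
# Version logic assumes releases newer than v1.12.1 keep the fix.

# Return 0 if TAG is a fixed controller release, 1 if it needs attention.
is_fixed_version() {
  v=${1#v}                 # "v1.11.2" -> "1.11.2"
  v=${v%%-*}               # drop any pre-release suffix such as "-rc1"
  case "$v" in
    *[!0-9.]*|""|.*|*.) return 1 ;;   # "latest", "" etc.: cannot prove fixed
  esac
  major=${v%%.*}
  rest=${v#*.}
  minor=${rest%%.*}
  patch=${rest#*.}
  [ "$patch" = "$rest" ] && patch=0       # two-component tag such as "1.12"
  [ "$major" -gt 1 ] && return 0
  [ "$major" -lt 1 ] && return 1
  [ "$minor" -ge 13 ] && return 0                         # assumption: later lines carry the fix
  [ "$minor" -eq 12 ] && [ "$patch" -ge 1 ] && return 0   # v1.12.1 and up
  [ "$minor" -eq 11 ] && [ "$patch" -ge 5 ] && return 0   # v1.11.5 and up
  return 1
}

# Read "namespace pod image" lines on stdin, report controller pods that are
# not on a fixed release to stderr, and print the number found to stdout.
count_vulnerable() {
  n=0
  while read -r ns pod image; do
    case "$image" in
      */ingress-nginx/controller:*) ;;   # only the controller image matters
      *) continue ;;
    esac
    tag=${image%%@*}       # strip an "@sha256:..." digest if present
    tag=${tag##*:}         # keep the tag after the last colon
    if ! is_fixed_version "$tag"; then
      printf 'NEEDS UPGRADE  %s/%s  %s\n' "$ns" "$pod" "$tag" >&2
      n=$((n + 1))
    fi
  done
  echo "$n"
}

# Print a NetworkPolicy that leaves ports 80/443 reachable from anywhere but
# allows the webhook port only from the given CIDR (the API server's source
# address). Port 8443, labels and namespace are assumptions to verify.
admission_network_policy() {
  cidr=${1:-APISERVER_CIDR_PLACEHOLDER/32}
  cat <<EOF
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: restrict-admission-webhook
  namespace: ingress-nginx
spec:
  podSelector:
    matchLabels:
      app.kubernetes.io/name: ingress-nginx
      app.kubernetes.io/component: controller
  policyTypes:
  - Ingress
  ingress:
  - ports:                 # proxied HTTP/HTTPS stays open
    - port: 80
    - port: 443
  - from:                  # admission webhook only from the control plane
    - ipBlock:
        cidr: $cidr
    ports:
    - port: 8443
EOF
}

# Constructed sample in the shape of:
#   kubectl get pods -A --no-headers \
#     -o custom-columns=NS:.metadata.namespace,POD:.metadata.name,IMAGE:.spec.containers[*].image
# (single-container pods assumed; multi-container pods print comma-joined images)
SAMPLE_PODS='ingress-nginx ingress-nginx-controller-7c9f4 registry.k8s.io/ingress-nginx/controller:v1.11.2
ingress-nginx ingress-nginx-controller-5d8b1 registry.k8s.io/ingress-nginx/controller:v1.12.1
kube-system coredns-6f4b2 registry.k8s.io/coredns/coredns:v1.11.1
edge legacy-ingress-0 registry.k8s.io/ingress-nginx/controller:v1.10.1@sha256:0000000000000000'

# Run the audit on the constructed sample: two pods are reported.
printf '%s\n' "$SAMPLE_PODS" | count_vulnerable
```

Pipe real `kubectl get pods` output in the same three-column shape into `count_vulnerable` to audit a live cluster. Two caveats for the policy: it only does anything if the cluster's CNI enforces NetworkPolicy, and it does not cover a controller running with `hostNetwork: true`. Any extra ports your controller exposes (metrics, for instance) must also be listed, since selecting the pods with an Ingress policy denies everything not explicitly allowed.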
AWS has stated that Amazon Elastic Kubernetes Service does not provide or install the ingress-nginx controller and is not affected by these issues, but that customers who have installed this controller on their clusters should update to the latest version. Google Cloud has issued similar advice for Google Kubernetes Engine users.