National Cyber Warfare Foundation (NCWF)

Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication
0 user ratings		2025-03-24 19:25:33
milo
Blue Team (CND)
A set of five critical security shortcomings have been disclosed in the Ingress NGINX Controller for Kubernetes that could result in unauthenticated remote code execution, putting over 6,500 clusters at immediate risk by exposing the component to the public internet.
The vulnerabilities (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and CVE-2025-1974 ), assigned a CVSS score of



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/03/critical-ingress-nginx-controller.html

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Blue Team (CND)


Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.