CVE-2025-1974

9.8

CRITICAL CVSS 3.1

Kubernetes Ingress-Nginx Code Execution Vulnerability

Description

A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)

INFO

Published Date :

March 25, 2025, 12:15 a.m.

Last Modified :

March 27, 2025, 4:45 p.m.

Remotely Exploit :

Yes !

Source :

[email protected]

Affected Products

The following products are affected by CVE-2025-1974 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product	Action
1	Kubernetes	ingress-nginx

: Total Affected Vendor : 1 | Products : 1

CVSS Scores

The Common Vulnerability Scoring System is a standardized framework for assessing the severity of vulnerabilities in software and systems. We collect and displays CVSS scores from various sources for each CVE.

Score	Version	Severity	Vector	Exploitability Score	Impact Score	Source
	CVSS 3.1	CRITICAL				[email protected]

Solution

Follow the instructions below to mitigate the CVE-2025-1974 vulnerability.

Upgrade to Ingress-nginx Controller 1.11.5/1.12.1.

Public PoC/Exploit Available at Github

CVE-2025-1974 has a 61 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2025-1974.

URL	Resource
https://https://github.com/kubernetes/kubernetes/issues/131009

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2025-1974 is associated with the following CWEs:

CWE-653: Improper Isolation or Compartmentalization

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2025-1974 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Shitcontrol666/ONRE-Toolkit-k8s

small toolkit written by AI, for fast security checks in your k8s cluster

Python Shell

Updated: 18 hours, 52 minutes ago

0 stars 0 fork 0 watcher

Born at : Aug. 17, 2025, 10:24 p.m. This repo has been linked 1 different CVEs too.

BiiTts/POC-IngressNightmare-CVE-2025-1974

None

Python C Shell

Updated: 1 week ago

0 stars 0 fork 0 watcher

Born at : Aug. 10, 2025, 6:04 p.m. This repo has been linked 1 different CVEs too.

tuananh244/First_agent

None

Python PowerShell Shell Batchfile JavaScript

Updated: 1 week ago

0 stars 0 fork 0 watcher

Born at : Aug. 3, 2025, 6:22 p.m. This repo has been linked 1 different CVEs too.

flavio/sbom-merger

An unfinished experiment merging vulnerability reports produced by trivy and grype

Makefile Go

Updated: 3 weeks ago

0 stars 0 fork 0 watcher

Born at : July 28, 2025, 7:12 a.m. This repo has been linked 3 different CVEs too.

yembors64632/cve_monitor_Public

None

Updated: 4 days, 9 hours ago

1 stars 0 fork 0 watcher

Born at : July 23, 2025, 11:54 a.m. This repo has been linked 88 different CVEs too.

Armand2002/Exploit-CVE-2025-1974-Lab

None

Updated: 1 month ago

0 stars 0 fork 0 watcher

Born at : July 14, 2025, 1:46 p.m. This repo has been linked 1 different CVEs too.

alexander-rebai/test-sast-issues

None

C Java Kotlin Python Ruby TypeScript HCL Dockerfile Shell

Updated: 1 month, 2 weeks ago

0 stars 0 fork 0 watcher

Born at : July 2, 2025, 9:40 a.m. This repo has been linked 2 different CVEs too.

Lern0n/Lernon-POC

备份的漏洞库，3月开始我们来维护

Updated: 1 month ago

2 stars 0 fork 0 watcher

Born at : June 30, 2025, 9:14 a.m. This repo has been linked 216 different CVEs too.

tbc957/k8s

None

Updated: 1 month, 2 weeks ago

0 stars 0 fork 0 watcher

Born at : June 30, 2025, 3:58 a.m. This repo has been linked 4 different CVEs too.

B1ack4sh/Blackash-CVE-2025-1974

CVE-2025-1974

Makefile C Go

Updated: 1 month, 2 weeks ago

3 stars 0 fork 0 watcher

Born at : June 26, 2025, 9:24 a.m. This repo has been linked 4 different CVEs too.

oLy0/Vulnerability

None

Updated: 2 months ago

0 stars 0 fork 0 watcher

Born at : June 15, 2025, 2:32 a.m. This repo has been linked 216 different CVEs too.

aninfosec/IngressNightmare

None

Python C

Updated: 2 months ago

0 stars 0 fork 0 watcher

Born at : June 14, 2025, 5:49 p.m. This repo has been linked 1 different CVEs too.

jjii44nn/CSC

用于云环境安全检查的小工具

Java

Updated: 1 month, 4 weeks ago

1 stars 0 fork 0 watcher

Born at : June 10, 2025, 2:37 a.m. This repo has been linked 1 different CVEs too.

oLy0/Vulnerability

None

Updated: 2 months, 2 weeks ago

0 stars 0 fork 0 watcher

Born at : May 30, 2025, 2:59 a.m. This repo has been linked 213 different CVEs too.

Rickerd12/exploit-cve-2025-1974

None

Makefile Shell Python Assembly C

Updated: 2 months, 4 weeks ago

0 stars 0 fork 0 watcher

Born at : May 19, 2025, 2:51 p.m. This repo has been linked 1 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2025-1974 vulnerability anywhere in the article.

Daily CyberSecurity

Critical Flaw in Wix’s New AI Platform Base44 Allowed Unauthorized Access to Private Enterprise Apps

Image: Wiz Research In a significant finding that highlights the risks associated with emerging AI development platforms, Wiz Research has uncovered a critical vulnerability in Base44, a popular vibe ...

Published Date: Jul 30, 2025 (2 weeks, 5 days ago)

CrowdStrike.com

Kubernetes IngressNightmare Vulnerabilities: What You Need to Know

We would like to recognize Amit Serper, Travis Lowe, Tony Gore, Adrian Godoy, Mihai Vasilescu, Suraj Sahu, Pablo Ramos, Raj Jammalamadaka, Lacie Griffin, and Josh Grunzweig for their contributions in ...

Published Date: Apr 23, 2025 (3 months, 3 weeks ago)

CrowdStrike.com

Kubernetes IngressNightmare Vulnerabilities: What You Need to Know

Published Date: Apr 23, 2025 (3 months, 3 weeks ago)

CrowdStrike.com

Kubernetes IngressNightmare Vulnerabilities: What You Need to Know

Published Date: Apr 23, 2025 (3 months, 3 weeks ago)

CrowdStrike.com

Kubernetes IngressNightmare Vulnerabilities: What You Need to Know

Published Date: Apr 23, 2025 (3 months, 3 weeks ago)