Kubernetes Ingress-nginx Remote Code Execution Vulnerability (CVE-2025-1974)

Overview Recently, NSFOCUS CERT detected that Kubernetes issued a security announcement and fixed the Kubernetes Ingress-nginx remote code execution vulnerability (CVE-2025-1974). The Ingress controller deployed in Kubernetes Pod can be accessed through the network without authentication. When the Admission webhook is open, an unauthenticated attacker can remotely inject any nginx configuration by sending a special […]

The post Kubernetes Ingress-nginx Remote Code Execution Vulnerability (CVE-2025-1974) appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post Kubernetes Ingress-nginx Remote Code Execution Vulnerability (CVE-2025-1974) appeared first on Security Boulevard.