A series of remote code execution (RCE) vulnerabilities known as “IngressNightmare” have been discovered in the Ingress NGINX Controller for Kubernetes. These vulnerabilities, identified as CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974, pose a critical threat to Kubernetes clusters, allowing attackers to gain unauthorized access to all cluster secrets and potentially take control of the entire cluster. CVE-2025-24514: auth-url Annotation Injection […]
The post Ingress NGINX RCE Vulnerability Allows Attackers to Compromise Entire Cluster appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform