Remote Ingress NGINX Controller RCE exploit chain (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, CVE-2025-1974)

[no1]

A new chain of vulnerabilities calles IngressNightmare is trending.

Remote Code Execution Vulnerabilities in Ingress NGINX | Wiz Blog

Wiz Research uncovered RCE vulnerabilities (CVE-2025-1097, 1098, 24514, 1974) in Ingress NGINX for Kubernetes allowing cluster-wide secret access.

www.wiz.io

Found this poc :
https://github.com/sandumjacob/IngressNightmare-POCs/tree/main/CVE-2025-1974

but it does not includes the full chain and according to the author, has been written before the publication so should be not perfect.
Please share here if someone publish further researches on this, I think it needs a manifest with vulnerable annotation to be added for it to work but I'll be able to further test in local env tonight.

 

[Anonify]

Looking forward for the full chain poc

 

[Exited3n]

Looking forward for the full chain poc

GitHub - yoshino-s/CVE-2025-1974

Contribute to yoshino-s/CVE-2025-1974 development by creating an account on GitHub.

github.com

 

[Anonify]

GitHub - hakaioffsec/IngressNightmare-PoC: This is a PoC code to exploit the IngressNightmare vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974).

This is a PoC code to exploit the IngressNightmare vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974). - hakaioffsec/IngressNightmare-PoC

github.com

Also this got released 2 hours ago