Main Vulnerability Database Exploits ID:11306 - Exploit for Input validation error in Ingress-NGINX Controller for Kubernetes - CVE-2025-1974

ID:11306 - Exploit for Input validation error in Ingress-NGINX Controller for Kubernetes - CVE-2025-1974

Published: April 11, 2025

Vulnerability identifier: #VU105987

Vulnerability risk: Critical

CVE-ID: CVE-2025-1974

CWE-ID: CWE-20

Exploitation vector: Remote access

Vulnerable software:
Ingress-NGINX Controller for Kubernetes

Link to public exploit:

https://github.com/Rubby2001/CVE-2025-1974-go

Vulnerability description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to an unspecified vulnerability in admission controller. A remote non-authenticated attacker with access to the pod network and execute arbitrary code in the context of the ingress-nginx controller

Remediation

Install update from vendor's website.

ID:11306 - Exploit for Input validation error in Ingress-NGINX Controller for Kubernetes - CVE-2025-1974

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human