URL has been copied successfully!
Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication


Tags: , , , , , , ,

A set of five critical security shortcomings have been disclosed in the Ingress NGINX Controller for Kubernetes that could result in unauthenticated remote code execution, putting over 6,500 clusters at immediate risk by exposing the component to the public internet.The vulnerabilities (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and CVE-2025-1974 ), assigned a CVSS score of

First seen on thehackernews.com

Jump to article: thehackernews.com/2025/03/critical-ingress-nginx-controller.html

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Top 12 ways hackers broke into your systems in 2024
  2. Ivanti warns critical RCE flaw in Connect Secure exploited as zero-day
  3. CISA warns of critical, high-risk flaws in ICS products from four vendors
  4. Schwachstelle in der Sitecore-Experience-Platform ermöglicht RemoteExecution ohne Authentifizierung