2025-04-03

IngressNightmare: Four CVEs Enable Full Kubernetes Cluster Takeover via NGINX Admission Controller

Level: Strategic | Source: Wiz (Global)

A series of critical vulnerabilities in the Ingress NGINX Controller for Kubernetes, collectively dubbed "IngressNightmare," has been publicly disclosed by researchers at Wiz. The flaws—CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974—affect the admission controller component of Ingress-NGINX, a widely deployed ingress controller used to manage traffic in Kubernetes environments. Combined, these vulnerabilities allow unauthenticated attackers to inject malicious NGINX directives, ultimately enabling remote code execution (RCE) and full cluster takeover. Wiz emphasized the widespread exposure, stating: "Based on our analysis, about 43% of cloud environments are vulnerable to these vulnerabilities, with our research uncovering over 6,500 clusters, including Fortune 500 companies, that publicly expose vulnerable Kubernetes ingress controllers’ admission controllers to the public internet—putting them at immediate critical risk."

Each of the first three vulnerabilities—CVE-2025-1097, CVE-2025-1098, and CVE-2025-24514—enables configuration injection into NGINX through different ingress object fields, including annotations and object metadata. The final piece, CVE-2025-1974, allows these injected configurations to be executed during the NGINX validation phase via the nginx -t command, exploiting an undocumented use of the ssl_engine directive to load malicious shared libraries. As Wiz explains: “During the configuration validation phase, the injected NGINX configuration causes the NGINX validator to execute code, allowing remote code execution (RCE) on the Ingress NGINX Controller’s pod,” adding that, “The admission controller’s elevated privileges and unrestricted network accessibility create a critical escalation path. Exploiting this flaw allows an attacker to execute arbitrary code and access all cluster secrets across namespaces, that could lead to complete cluster takeover.”

The Kubernetes maintainers have released patched versions (v1.12.1, v1.11.5, v1.10.7) addressing all four CVEs. Organizations are strongly advised to upgrade immediately and restrict access to the admission controller by enforcing strict network policies. Wiz also provides guidance for short-term mitigations, including disabling the admission webhook if patching is not immediately possible. As noted by Wiz Head of Research Nir Ohfeld: "After working closely with the Kubernetes maintainers for months — during which we found multiple vulnerabilities and repeatedly bypassed their proposed patches — we arrived at a fix that completely closes the attack surface we uncovered."
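The two defender-side checks that follow from the paragraphs above are a version check against the patched releases the maintainers published and a scan of Ingress annotations for values that could break out of one NGINX directive into another. The script below is an added example, not Wiz's or the ingress-nginx project's code; the Ingress JSON is constructed sample data shaped like `kubectl get ingress -A -o json`, and the directive-break character set and the assumption that 1.13+ releases post-date the fix are heuristics of this example.

```python
import json
import re

# First patched release per supported minor, as listed in the advisory (1.10.7, 1.11.5, 1.12.1).
PATCHED = {10: 7, 11: 5, 12: 1}

# Characters that end one NGINX directive or open a block, plus the directive the
# disclosure names; annotation values should never need them. (Heuristic, an assumption.)
DIRECTIVE_BREAK = re.compile(r"[;\n{}]|ssl_engine")

# Constructed sample resembling trimmed `kubectl get ingress -A -o json` output (not real data).
SAMPLE_INGRESSES = json.dumps({"items": [
    {"metadata": {"namespace": "shop", "name": "web",
                  "annotations": {"nginx.ingress.kubernetes.io/rewrite-target": "/"}}},
    {"metadata": {"namespace": "shop", "name": "odd",
                  "annotations": {"nginx.ingress.kubernetes.io/auth-url":
                                  "http://auth.internal/x;\nfoo bar"}}},
]})


def controller_is_patched(image_tag):
    """True if an ingress-nginx controller image tag is at or above the fixed versions."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", image_tag)
    if not m:
        return False  # unparseable tag: treat as unverified, i.e. not known to be patched
    major, minor, patch = (int(x) for x in m.groups())
    if major > 1:
        return True
    if major < 1 or minor < min(PATCHED):
        return False  # 0.x and 1.9 or older never received the fix
    fixed = PATCHED.get(minor)
    # Minors newer than 1.12 are assumed to have shipped after the fix.
    return fixed is None or patch >= fixed


def suspicious_annotations(ingress_json):
    """Return (namespace/name, annotation key) pairs whose controller annotation
    values contain directive-breaking characters worth a manual look."""
    hits = []
    for item in json.loads(ingress_json)["items"]:
        meta = item["metadata"]
        for key, val in meta.get("annotations", {}).items():
            if key.startswith("nginx.ingress.kubernetes.io/") and DIRECTIVE_BREAK.search(val):
                hits.append((f"{meta['namespace']}/{meta['name']}", key))
    return hits


if __name__ == "__main__":
    print("v1.11.4 patched:", controller_is_patched("v1.11.4"))
    print("flagged:", suspicious_annotations(SAMPLE_INGRESSES))
```

Feed it the real controller image tag and the real `kubectl` output; any flagged annotation is a review item, not proof of compromise.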

This disclosure highlights a broader concern in Kubernetes security: admission controllers often run with high privileges and are exposed without proper authentication. According to Wiz’s research, many environments expose these components due to default configurations and lack of awareness, making them an attractive target. Kubernetes’ widespread use in hosting critical workloads, including databases, AI/ML models, and business applications, reinforces the gravity of the situation.
