{ads}

Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication

Written By Monday, 24 March 2025 Add Comment



March 25, 2025 at 12:25AM

A set of five critical security shortcomings have been disclosed in the Ingress NGINX Controller for Kubernetes that could result in unauthenticated remote code execution, putting over 6,500 clusters at immediate risk by exposing the component to the public internet. The vulnerabilities (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and CVE-2025-1974 ), assigned a CVSS score of

from The Hacker News https://ift.tt/FrPikdO

0 Response to "Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads