{"vulnerability": "CVE-2025-24514", "sightings": [{"uuid": "048feebb-07df-4366-9a5d-a1c597ee1e73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/sushicomabacate.com/post/3ll6wwsqkdc2t", "content": "", "creation_timestamp": "2025-03-25T09:20:01.551127Z"}, {"uuid": "0e42252a-1009-4876-97cd-26c26c997db6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/buzzleaktv.bsky.social/post/3llbt7nbtgw2u", "content": "", "creation_timestamp": "2025-03-26T12:51:21.157269Z"}, {"uuid": "fc8a72e6-2b02-4998-887e-e012f46beebb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3llam2asygc2x", "content": "", "creation_timestamp": "2025-03-26T01:10:24.196196Z"}, {"uuid": "cd734f10-7246-4405-9e88-3cbc151afb6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-feeb6c24-c70747e08b7ea0ca", "content": "", "creation_timestamp": "2025-03-31T15:55:24.618735Z"}, {"uuid": "da7c6c80-3199-4a96-b784-8a0e3bb50ac2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3llpstnb6h52n", "content": "", "creation_timestamp": "2025-04-01T02:21:54.257661Z"}, {"uuid": "04031bd6-52be-4a5c-bb60-20cad639ebd7", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3llp562uepu2u", "content": "", "creation_timestamp": "2025-03-31T19:54:01.763902Z"}, {"uuid": "c3e954af-e8e2-4b8f-bbea-dbee26882b80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3ll7i4umzupb2", "content": "", "creation_timestamp": "2025-03-25T14:35:32.381134Z"}, {"uuid": "f60d961e-3787-44b0-a9e3-924a6f330e0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/lookitup.baby/post/3ll5qysdxh22k", "content": "", "creation_timestamp": "2025-03-24T22:01:06.407935Z"}, {"uuid": "93b99000-8994-4f90-bde8-67c38d71bfd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3ll7jjzlnne2b", "content": "", "creation_timestamp": "2025-03-25T14:52:52.795346Z"}, {"uuid": "9c833126-2f65-4c8e-9988-deca8ecdc544", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3ll7niwkfd72l", "content": "", "creation_timestamp": "2025-03-25T16:03:51.156919Z"}, {"uuid": "fd097df0-2dff-43bc-a2c4-26b383025198", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", 
"source": "https://bsky.app/profile/chrisshort.net/post/3llf75ysvm42r", "content": "", "creation_timestamp": "2025-03-27T21:03:10.142211Z"}, {"uuid": "4f495bcb-8df2-4102-bc2a-b6ec88eeca59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/checkmarxzero.bsky.social/post/3ll7ob4476i2u", "content": "", "creation_timestamp": "2025-03-25T16:17:22.026350Z"}, {"uuid": "9354a5b8-ddc3-4865-8692-61e6bb9500c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://threatintel.cc/2025/03/26/075641.html", "content": "", "creation_timestamp": "2025-03-26T10:56:41.000000Z"}, {"uuid": "8165e479-bbf0-4d14-85ba-e84d337b8e3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/lookitup.baby/post/3ll5qr5t6uk2k", "content": "", "creation_timestamp": "2025-03-24T21:56:48.516702Z"}, {"uuid": "840fbeaa-de57-4f64-a8f6-8149ef326b9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/cyberkendra.bsky.social/post/3lle7kfmcyk2p", "content": "", "creation_timestamp": "2025-03-27T11:37:35.230799Z"}, {"uuid": "dfbdd7e0-b136-4457-8aa9-eaec92c1fc6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/darkwebinformer.bsky.social/post/3llf3u5tfrc2s", "content": "", "creation_timestamp": "2025-03-27T20:04:02.011854Z"}, {"uuid": 
"7923f594-b2b0-46a3-be25-975433ac7f2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-24514", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3llf3uxsrzjw2", "content": "", "creation_timestamp": "2025-03-27T20:05:11.443276Z"}, {"uuid": "12d3f821-45c5-4dd2-937b-c51aa49ea864", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/cti-news.bsky.social/post/3llf57ppyv62s", "content": "", "creation_timestamp": "2025-03-27T20:28:19.587619Z"}, {"uuid": "89e48c1d-1e03-47d5-90f9-56645768cb3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-05", "content": "", "creation_timestamp": "2025-04-10T10:00:00.000000Z"}, {"uuid": "956ea089-7825-4134-98bb-c7114f7256c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/114219932988801200", "content": "", "creation_timestamp": "2025-03-24T23:11:08.650462Z"}, {"uuid": "24613e12-d8f8-4138-8661-801ef44a2049", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114220315548349001", "content": "", "creation_timestamp": "2025-03-25T00:48:22.225912Z"}, {"uuid": "21d010ae-15d2-4776-bfa2-39bf93fbad8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://thehackernews.com/2025/03/critical-ingress-nginx-controller.html", "content": "", "creation_timestamp": "2025-03-24T17:55:00.000000Z"}, {"uuid": "e203504c-f3f4-4d15-934d-28c6524bca8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/chrisshort.net/post/3llphyjrkem2k", "content": "", "creation_timestamp": "2025-03-31T23:07:48.031105Z"}, {"uuid": "0e8e7980-7c96-4c78-840e-124c698975e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3llvxmfxpnmt2", "content": "", "creation_timestamp": "2025-04-03T13:03:32.733573Z"}, {"uuid": "bf246406-2fb0-4748-918d-4b86ab98739f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-24514", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3llf5xbl55gp2", "content": "", "creation_timestamp": "2025-03-27T20:41:49.888120Z"}, {"uuid": "03a5c81f-7c56-460b-9bef-e1c37150cd65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3ll6o7wc2ff22", "content": "", "creation_timestamp": "2025-03-25T06:44:47.438408Z"}, {"uuid": "aa56d7b3-79e4-48a7-824c-0e24aeef9e4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": 
"seen", "source": "https://bsky.app/profile/fefesblog.skybot.party/post/3ll6qqgnhz72q", "content": "", "creation_timestamp": "2025-03-25T07:29:03.708802Z"}, {"uuid": "23923970-e3c2-42f6-aa29-c090ba482a36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/Dreadnod.social.cologne.ap.brid.gy/post/3ll6qvmgt6pa2", "content": "", "creation_timestamp": "2025-03-25T07:34:59.441283Z"}, {"uuid": "4b10264c-d82c-48ab-b41f-3ea65954d78c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3llesaz733zp2", "content": "", "creation_timestamp": "2025-03-27T17:15:03.506896Z"}, {"uuid": "bcdc256c-7447-426b-bc0e-85e183601137", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://hachyderm.io/users/ChrisShort/statuses/114259556320162403", "content": "", "creation_timestamp": "2025-03-31T23:07:49.407246Z"}, {"uuid": "0963a398-7dd0-4127-9ad8-0c289fce5ba0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://hachyderm.io/users/ChrisShort/statuses/114259556320162403", "content": "", "creation_timestamp": "2025-03-31T23:07:49.449646Z"}, {"uuid": "bcf5eaf4-700b-4157-ab90-02582cd77eac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/elhacker.net/post/3llgtmkryoc25", "content": "", "creation_timestamp": 
"2025-03-28T12:41:53.374512Z"}, {"uuid": "67793828-b893-47bd-94c4-02ad1d8d8f09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llj55fubcs2b", "content": "", "creation_timestamp": "2025-03-29T10:37:48.767954Z"}, {"uuid": "12a08266-20d8-4ad9-9397-9fdfa9740f47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llj55hlc2k2b", "content": "", "creation_timestamp": "2025-03-29T10:37:51.207121Z"}, {"uuid": "f6d76fde-96b0-424d-9d0b-c5fb1634503c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llj55jd74k2b", "content": "", "creation_timestamp": "2025-03-29T10:37:53.612306Z"}, {"uuid": "17b37121-232a-4764-a69b-fbcef91e4d51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llj55ltcls2b", "content": "", "creation_timestamp": "2025-03-29T10:37:56.004342Z"}, {"uuid": "f0cdecf0-cb86-4072-bfc5-0adaf33653e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-feeb6c24-c70747e08b7ea0ca", "content": "", "creation_timestamp": "2025-03-31T15:55:24.632354Z"}, {"uuid": "be236fd5-9c86-4bb3-9b1b-c0d1976c8252", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/115379792545602333", "content": "", "creation_timestamp": "2025-10-15T19:18:38.415505Z"}, {"uuid": "441c4704-3fd8-4d5c-a7f0-c22545b91c69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-24514.yaml", "content": "", "creation_timestamp": "2025-04-09T17:20:27.000000Z"}, {"uuid": "724fea9a-b1e2-40bf-bb4a-0dc323f0ebcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmkw4claqx2h", "content": "", "creation_timestamp": "2025-04-11T21:02:26.740624Z"}, {"uuid": "ac1cddf4-3f53-41f8-b21b-fdb8d3abdbe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lsef4b7bf622", "content": "", "creation_timestamp": "2025-06-24T15:13:15.325077Z"}, {"uuid": "6c96cc21-bbad-436e-96ec-5bb7d85a66d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://gist.github.com/Darkcrai86/d5391a4dc6327062b493bd576ae34de3", "content": "", "creation_timestamp": "2025-12-29T15:24:14.000000Z"}, {"uuid": "597d6975-888a-43ec-860c-10fc308615e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", 
"vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lwbwglwoxz2t", "content": "", "creation_timestamp": "2025-08-13T13:26:04.704019Z"}, {"uuid": "b2e240bc-6101-442c-aa6f-846854a454f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://www.cert.at/de/warnungen/2025/3/kubernetes-ingress-nginx-controller-vulnerabilities", "content": "", "creation_timestamp": "2025-03-26T13:31:21.000000Z"}, {"uuid": "5aa36ba9-199f-453d-ae8b-19a29f3fbbc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3me5bzfrx3f27", "content": "", "creation_timestamp": "2026-02-05T21:02:55.444204Z"}, {"uuid": "b1543591-c3d6-45cb-8f4c-796778c1808d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3mb5a3w2nv2s2", "content": "", "creation_timestamp": "2025-12-30T00:47:09.784267Z"}, {"uuid": "54333a2e-2eb1-449a-9a9d-268797ba4412", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3mb5kmmjajw52", "content": "", "creation_timestamp": "2025-12-30T00:55:30.468048Z"}, {"uuid": "b46b124a-5699-42ab-8364-ce8708ab5968", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "published-proof-of-concept", 
"source": "https://t.me/DarkWebInformer_CVEAlerts/8573", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24514\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A security issue was discovered in  ingress-nginx https://github.com/kubernetes/ingress-nginx  where the `auth-url` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)\n\ud83d\udccf Published: 2025-03-24T23:29:36.802Z\n\ud83d\udccf Modified: 2025-03-24T23:29:36.802Z\n\ud83d\udd17 References:\n1. https://github.com/kubernetes/kubernetes/issues/131006", "creation_timestamp": "2025-03-25T00:25:16.000000Z"}, {"uuid": "28040f43-5efc-4951-9475-afe79c3c5941", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "published-proof-of-concept", "source": "Telegram/mScKTq8Y9H_ri6N8f7MyDB2llZxISPLnHubdFZyFMGJbCQo", "content": "", "creation_timestamp": "2025-06-12T03:00:07.000000Z"}, {"uuid": "32292743-75d0-4497-9a51-e4c05dcaa4bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/84edafcd-42a7-4c30-96f8-87de8e73e1ab", "content": "", "creation_timestamp": "2025-03-25T10:40:57.259809Z"}, {"uuid": "335cf5a4-7fa6-47ea-88e6-9dd48fc70aad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": 
"https://gist.github.com/b0b0haha/e9ba480f2076fd87788e5f58ab857407", "content": "", "creation_timestamp": "2026-04-21T11:32:36.000000Z"}, {"uuid": "6399f71f-bb53-4fc1-b18d-d37b03484dcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/5140", "content": "\u0411\u0430\u043b\u0434\u0451\u0436\u043d\u0430\u044f \u0434\u044b\u0440\u0430\n\n\u042f \u043d\u0435 \u0441\u043c\u043e\u0433\u0443 \u0432\u0441\u0451 \u0443\u043c\u0435\u0441\u0442\u0438\u0442\u044c \u0432 \u043f\u043e\u0441\u0442, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0447\u0435\u0441\u043a\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e \u043f\u0440\u043e\u0439\u0442\u0438 \u043f\u043e \u0441\u0441\u044b\u043b\u043a\u0435 \u043f\u043e\u0447\u0438\u0442\u0430\u0442\u044c. \u0414\u0435\u043c\u043a\u0443 PoC'\u0430 \u043f\u0440\u0438\u0446\u0435\u043f\u0438\u043b \u043a \u043f\u043e\u0441\u0442\u0443.\n\ntl;dr \nOver 40% of cloud environments are vulnerable to RCE, likely leading to a complete cluster takeover\n\nWiz Research discovered CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974, a series of unauthenticated Remote Code Execution vulnerabilities in Ingress NGINX Controller for Kubernetes dubbed #IngressNightmare. Exploitation of these vulnerabilities leads to unauthorized access to all secrets stored across all namespaces in the Kubernetes cluster by attackers, which can result in cluster takeover.\n. . .\nThe Vulnerability  \nIngress NGINX deploys an admission controller within its pod, designed to validate incoming ingress objects before they are deployed. By default, admission controllers are accessible over the network without authentication, making them a highly appealing attack vector. 
\n\nWhen the Ingress-NGINX admission controller processes an incoming ingress object, it constructs an NGINX configuration from it and then validates it using the NGINX binary.  Our team found a vulnerability in this phase that allows injecting an arbitrary NGINX configuration remotely, by sending a malicious ingress object directly to the admission controller through the network.  \n\nDuring the configuration validation phase, the injected NGINX configuration causes the NGINX validator to execute code, allowing remote code execution (RCE) on the Ingress NGINX Controller\u2019s pod. \n\nThe admission controller\u2019s elevated privileges and unrestricted network accessibility create a critical escalation path. Exploiting this flaw allows an attacker to execute arbitrary code and access all cluster secrets across namespaces, that could lead to complete cluster takeover.\n. . .\nMitigation & Detection\n\nFirst, determine if your clusters are using ingress-nginx. In most cases, you can check this by running kubectl get pods --all-namespaces --selector app.kubernetes.io/name=ingress-nginx with cluster administrator permissions.\n\nThis vulnerability is fixed in Ingress NGINX Controller version 1.12.1 and 1.11.5. We strongly recommend that cluster admins: \n\n- Update to the latest version of Ingress NGINX Controller. \n\n- Ensure the admission webhook endpoint is not exposed externally. \n. . .\nFrom Configuration Injection to RCE \n\nWith a reliable file upload to Ingress NGINX Controller\u2019s pod, we can now put it all together to exploit this issue into a full-blown Remote Code Execution. 
\n\nThe exploit works as follows: \n\n- Upload our payload in the form of a shared library to the pod by abusing the client-body buffer feature of NGINX \n\n- Send an AdmissionReview request to the Ingress NGINX Controller\u2019s admission controller, which contains any one of our directive injections \n\n- The directive we inject is the ssl_engine directive, which will cause NGINX to load the specified file as a shared library \n\n- We specify the ProcFS path to the file descriptor of our payload \n\n- If everything goes well, our shared library is now loaded, and we execute code remotely \nIngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX\nhttps://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities\n+\nAVD-KSV-0041 - Ingress Controller - Cluster Role Allowing Access To All Secrets\nhttps://github.com/kubernetes/ingress-nginx/issues/10778\n\nissue \u0431\u044b\u043b\u0430 \u043e\u0442\u043a\u0440\u044b\u0442\u0430 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2023 \u0433\u043e\u0434\u0430 (\u0431\u044b\u043b\u0430 \u0437\u0430\u043a\u0440\u044b\u0442\u0430 \u0438 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043f\u0435\u0440\u0435\u043e\u0442\u043a\u0440\u044b\u0442\u0430), \u0430 \u043f\u043e \u0444\u0430\u043a\u0442\u0443 Wiz \u0437\u0430\u0440\u0435\u043f\u043e\u0440\u0442\u0438\u043b \u0431\u0430\u0433\u0438 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2024 \u0442\u043e\u043b\u044c\u043a\u043e. 
\u0412\u043e\u0442 \u0438 \u0434\u0443\u043c\u0430\u0435\u043c \ud83c\udf1d", "creation_timestamp": "2025-03-25T08:54:56.000000Z"}, {"uuid": "47696770-3f65-4f38-a0c0-1bde39ffd310", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/27241", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aIngressNightmare-PoC\uff1a (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974)  PoC \uff0cOne-click script \u3002 \u4e00\u952e\u811a\u672c \nURL\uff1ahttps://github.com/lufeirider/IngressNightmare-PoC\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-03-30T08:35:01.000000Z"}, {"uuid": "a65da269-e845-4450-86e9-6dd0872382cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_News/2541", "content": "\ud83d\udea8 News Alert!\n\nSource: Dark Web Informer - Cyber Threat Intelligence\nTitle: PoC Code to Exploit the IngressNightmare Vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974)\nLink: https://darkwebinformer.com/poc-code-to-exploit-the-ingressnightmare-vulnerabilities-cve-2025-1097-cve-2025-1098-cve-2025-24514-and-cve-2025-1974/", "creation_timestamp": "2025-03-27T20:04:08.000000Z"}, {"uuid": "195af421-7273-4acb-a9b5-cece0a5a0ad5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "Telegram/QMJRspa-u4nazI8zKkYrcrzsCPEt_TjOqyMhuWOLygoVcg", "content": "", "creation_timestamp": "2025-03-25T01:46:01.000000Z"}, {"uuid": "a789ba35-8f95-4fa5-a0e9-b2d4d9c7c8f2", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://t.me/itsec_news/5595", "content": "\u200b\u26a1\ufe0fIngressNightmare: \u043d\u043e\u0432\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u043d\u0430 Ingress-Nginx \u0432\u0435\u0434\u0451\u0442 \u043a \u043f\u043e\u043b\u043d\u043e\u043c\u0443 \u0432\u0437\u043b\u043e\u043c\u0443 Kubernetes\n\n\ud83d\udcac \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Wiz \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 admission controller \u0443 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 Ingress-Nginx \u0434\u043b\u044f Kubernetes. \u041e\u0448\u0438\u0431\u043a\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u043c. 
\u041f\u043e \u043e\u0446\u0435\u043d\u043a\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432, \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u0431\u043e\u043b\u0435\u0435 6 500 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0435, \u0447\u0442\u043e \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c \u0438\u0437 \u0441\u043f\u0438\u0441\u043a\u0430 Fortune 500.\n\nIngress-\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b \u0432 Kubernetes \u0441\u043b\u0443\u0436\u0430\u0442 \u0441\u0432\u044f\u0437\u0443\u044e\u0449\u0438\u043c \u0437\u0432\u0435\u043d\u043e\u043c \u043c\u0435\u0436\u0434\u0443 \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u043c\u0438\u0440\u043e\u043c \u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438 \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430. \u041e\u043d\u0438 \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044e\u0442 ingress-\u043e\u0431\u044a\u0435\u043a\u0442\u044b \u2014 \u043f\u0440\u0430\u0432\u0438\u043b\u0430, \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0449\u0438\u0435, \u043a\u0430\u043a\u043e\u0439 \u0432\u043d\u0435\u0448\u043d\u0438\u0439 HTTP/S-\u0442\u0440\u0430\u0444\u0438\u043a \u043a\u0443\u0434\u0430 \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d. 
Ingress-Nginx \u2014 \u043e\u0434\u0438\u043d \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u0432, \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043d\u0430 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0435 Nginx. \u041e\u043d \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u0440\u0435\u0432\u0440\u0430\u0449\u0430\u0435\u0442 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u0432 ingress-\u043e\u0431\u044a\u0435\u043a\u0442\u0430\u0445 \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b Nginx \u0438 \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0442\u0440\u0430\u0444\u0438\u043a \u0432 \u043d\u0443\u0436\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b.\n\n\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0442\u0435\u043c, \u043a\u0430\u043a Ingress-Nginx \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0442\u0430\u043a\u0438\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438. \u041e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u0437\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f admission controller. 
\u041f\u0440\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0438 ingress-\u043e\u0431\u044a\u0435\u043a\u0442\u0430 \u043e\u043d \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u0443\u0435\u0442 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e Nginx \u0438 \u043f\u0435\u0440\u0435\u0434\u0430\u0451\u0442 \u0435\u0451 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0431\u0438\u043d\u0430\u0440\u043d\u043e\u043c\u0443 \u0432\u0430\u043b\u0438\u0434\u0430\u0442\u043e\u0440\u0443. \u0418\u043c\u0435\u043d\u043d\u043e \u0437\u0434\u0435\u0441\u044c \u0438 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0430: \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u0443\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043f\u0440\u044f\u043c\u043e \u0432\u043d\u0443\u0442\u0440\u0438 \u043f\u043e\u0434\u0430, \u0433\u0434\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440.\n\n\u041e\u0441\u043e\u0431\u0443\u044e \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0442\u043e, \u0447\u0442\u043e admission controller \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0438\u043c\u0435\u0435\u0442 \u0448\u0438\u0440\u043e\u043a\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c 
\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430\u043c \u0438\u043c\u0435\u043d (namespace) \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430. \u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0445\u0430\u043a\u0435\u0440\u0443 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u043a\u043e\u0434, \u043d\u043e \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c \u0441\u0435\u043a\u0440\u0435\u0442\u0430\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u2014 CVE-2025-1974 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.8). \u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0435 \u0447\u0435\u0440\u0435\u0437 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043e\u0444\u043e\u0440\u043c\u043b\u0435\u043d\u043d\u044b\u0439 ingress-\u043e\u0431\u044a\u0435\u043a\u0442. 
\u041e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u2014 CVE-2025-1097 , CVE-2025-1098 \u0438 CVE-2025-24514 \u2014 \u0438\u043c\u0435\u044e\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS: 8.8 \u0431\u0430\u043b\u043b\u043e\u0432. \u0421\u0430\u043c\u0430\u044f \u00ab\u043b\u0451\u0433\u043a\u0430\u044f\u00bb \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u2014 CVE-2025-24513 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 4.8).\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043e\u0431\u0449\u0435\u0435 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 IngressNightmare. Wiz \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c \u043e \u043d\u0430\u0445\u043e\u0434\u043a\u0435 \u0432 \u043a\u043e\u043d\u0446\u0435 2024 \u0433\u043e\u0434\u0430. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b 10 \u043c\u0430\u0440\u0442\u0430 2025 \u0433\u043e\u0434\u0430, \u043d\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u043b\u0438\u0441\u044c. 
\u0423\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Ingress-Nginx \u2014 1.12.1 \u0438 1.11.5 \u2014 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0440\u0438\u0441\u043a, \u0447\u0442\u043e \u043d\u0435 \u0432\u0441\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u0432\u043e\u0432\u0440\u0435\u043c\u044f \u043e\u0431\u043d\u043e\u0432\u044f\u0442 \u0441\u0432\u043e\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u044b. Kubernetes \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0445\u043e\u0441\u0442\u0438\u043d\u0433\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u044b\u0445 \u0431\u0438\u0437\u043d\u0435\u0441-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u043c\u043e\u0436\u0435\u0442 \u043e\u043a\u0430\u0437\u0430\u0442\u044c\u0441\u044f \u043d\u0435\u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u0437\u0430\u0434\u0430\u0447\u0435\u0439. 
\u0412 \u0442\u0430\u043a\u0438\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 Wiz \u0441\u043e\u0432\u0435\u0442\u0443\u0435\u0442 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 admission controller \u0438\u043b\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u043a \u043d\u0435\u043c\u0443 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f, \u0440\u0430\u0437\u0440\u0435\u0448\u0438\u0432 \u0435\u0433\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b Kubernetes API Server.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-03-25T10:16:07.000000Z"}, {"uuid": "1c80f160-253b-4af8-947f-81db68fb7545", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://t.me/cvedetector/21016", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24514 - Kubernetes Ingress-Nginx Annotation Injection Vulnerability (Arbitrary Code Execution &amp; Secret Disclosure)\", \n  \"Content\": \"CVE ID : CVE-2025-24514 \nPublished : March 25, 2025, 12:15 a.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : A security issue was discovered in  ingress-nginx   where the `auth-url` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) 
\nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T02:46:03.000000Z"}, {"uuid": "8b6eb46e-5b8e-4119-bc96-5c0695db75c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://t.me/bizone_channel/1794", "content": "\ud83e\udd65 BI.Z\u041eNE WAF \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u0442 \u043e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Kubernetes \u2014 Ingress Nightmare\n\n\u041d\u0430\u0439\u0434\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 ingress-\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430\u0445 \u0434\u043b\u044f Kubernetes, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442 \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u043c\u00a0\u0432 \u043a\u043b\u0430\u0441\u0442\u0435\u0440 \u0442\u0440\u0430\u0444\u0438\u043a\u043e\u043c. \u041d\u0435\u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043e\u043d\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 Ingress Nightmare.\n\nCVE-2025-1974, \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u044e\u0449\u0443\u044e \u043f\u0435\u0440\u0432\u0438\u0447\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f, \u043e\u0446\u0435\u043d\u0438\u043b\u0438 \u0432 9,8 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS. 
\u0422\u0430\u043a\u0436\u0435 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u0435\u043c \u0432\u0435\u043a\u0442\u043e\u0440\u0430 \u0430\u0442\u0430\u043a\u0438: CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098.\u00a0\n\n\u041f\u0435\u0440\u0432\u0438\u0447\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0432 Ingress NGINX Controller, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0435\u043c NGINX \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0438 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0430 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438. 
\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043a\u0440\u043e\u0435\u0442\u0441\u044f \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Kubernetes Admission Controllers \u2014 \u044d\u0442\u043e \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0442\u0432\u0435\u0447\u0430\u0435\u0442 \u0437\u0430 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0443 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043a API-\u0441\u0435\u0440\u0432\u0435\u0440\u0443 Kubernetes.\u00a0\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2025-1974 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043c\u0438\u043d\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0441\u0435\u0442\u0438 \u043e\u0431\u0440\u0430\u0442\u0438\u0442\u044c\u0441\u044f \u043a \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 Ingress Nginx \u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 (RCE) \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u0430 AdmissionReview.\u00a0\n\n\u041f\u043e \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b BI.Z\u041eNE WAF, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u0440\u044f\u0434\u043a\u0430 43% \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u0439 
\u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b.\u00a0\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 ingress-nginx v1.11.5 \u0438 1.12.1.\n\n\u0415\u0441\u043b\u0438 \u0432\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u041f\u041e, \u043e\u0442 CVE-2025-1974 \u043f\u043e\u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c\u0441\u044f BI.ZONE WAF.\u00a0\u0420\u0435\u0448\u0435\u043d\u0438\u0435 \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u043e\u0431\u0440\u0430\u0449\u0435\u043d\u0438\u0439 AdmissionReview, \u0447\u0442\u043e \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043f\u0435\u0440\u0432\u0438\u0447\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0438 \u043d\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0440\u0430\u0437\u0432\u0438\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443 \u0434\u0430\u043b\u044c\u0448\u0435.\n\n\u0422\u0430\u043a\u0436\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u044b \u0432 BI.ZONE CPT.", "creation_timestamp": "2025-03-28T15:08:59.000000Z"}, {"uuid": "d014fae0-17f7-408c-8782-c2fda4f99c53", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/15432", "content": "\ud83d\udea8PoC Code to Exploit the IngressNightmare Vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974)\n\nhttps://darkwebinformer.com/poc-code-to-exploit-the-ingressnightmare-vulnerabilities-cve-2025-1097-cve-2025-1098-cve-2025-24514-and-cve-2025-1974/", "creation_timestamp": "2025-03-27T21:03:44.000000Z"}, {"uuid": "618c5669-671b-49b9-93f5-90e962c19233", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "published-proof-of-concept", "source": "Telegram/qtf5UlSjl8ansax6HEFOWjNwUYd29vo_Y6ok0vpVyjxeaHc", "content": "", "creation_timestamp": "2025-03-30T17:00:07.000000Z"}, {"uuid": "803126ed-d48c-43ed-a2fc-4468d59f36e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "published-proof-of-concept", "source": "Telegram/otAoaF9HglqRlYurEeGfVVpj7vUDLPFmRTv87nx_aQ9uiE0", "content": "", "creation_timestamp": "2025-03-27T04:00:06.000000Z"}, {"uuid": "21b8a462-8852-4ea7-b454-d779f30696d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://t.me/true_secator/6873", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Wiz \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e 
\u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0435 Ingress NGINX \u0434\u043b\u044f Kubernetes, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044e\u0442 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u044b \u0440\u0438\u0441\u043a\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u0437\u043b\u043e\u043c\u0430.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043e\u0442\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a CVE CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 \u0438 CVE-2025-1974 \u0438 \u0432 \u0441\u043e\u0432\u043e\u043a\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043e\u0431\u0449\u0435\u0435 \u043d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 IngressNightmare, \u0432\u043b\u0438\u044f\u044f \u043d\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 Ingress NGINX, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0430 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0438 \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430.\n\n\u041f\u0440\u0438 \u0442\u043e\u043c, \u0447\u0442\u043e Ingress-NGINX - \u044d\u0442\u043e \u043e\u0434\u0438\u043d \u0438\u0437 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 
\u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u043d\u0435\u0448\u043d\u0435\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c Kubernetes.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Wiz, 41% \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432, \u0432\u044b\u0445\u043e\u0434\u044f\u0449\u0438\u0445 \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 Ingress NGINX.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, 43% \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0441\u0440\u0435\u0434 \u0438\u043c\u0435\u044e\u0442 \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u043e\u0434\u0438\u043d \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440, \u0430 6500 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c \u0438\u0437 \u0441\u043f\u0438\u0441\u043a\u0430 Fortune 500, \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0432\u044b\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442.\n\nIngressNightmare \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 
\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442 \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u0435 \u043e\u0431\u044a\u0435\u043a\u0442\u044b \u0432\u0445\u043e\u0434\u0430 \u043f\u0435\u0440\u0435\u0434 \u0438\u0445 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435\u043c.\n\n\u0420\u0438\u0441\u043a \u0430\u0442\u0430\u043a \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0438\u0437-\u0437\u0430 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u043f\u043e \u0441\u0435\u0442\u0438 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\u00a0\n\n\u041a\u043e\u0433\u0434\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u0434\u043e\u043f\u0443\u0441\u043a\u0430 Ingress-NGINX \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u0439 \u043e\u0431\u044a\u0435\u043a\u0442 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430, \u043e\u043d \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u0438\u0437 \u043d\u0435\u0433\u043e \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e NGINX, \u0430 \u0437\u0430\u0442\u0435\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442 \u0435\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0434\u0432\u043e\u0438\u0447\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 NGINX.\n\n\u041a\u043e\u043c\u0430\u043d\u0434\u0430 Wiz \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u043c\u0435\u043d\u043d\u043e \u043d\u0430 \u044d\u0442\u043e\u043c 
\u044d\u0442\u0430\u043f\u0435, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u0443\u044e \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e NGINX, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043e\u0431\u044a\u0435\u043a\u0442 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0447\u0435\u0440\u0435\u0437 \u0441\u0435\u0442\u044c.\n\n\u041d\u0430 \u044d\u0442\u0430\u043f\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u043d\u0430\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f NGINX \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0432\u0430\u043b\u0438\u0434\u0430\u0442\u043e\u0440 NGINX \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c RCE \u043d\u0430 \u043c\u043e\u0434\u0443\u043b\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 Ingress NGINX.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 IngressNightmare \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c 
\u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c \u0441\u0435\u043a\u0440\u0435\u0442\u0430\u043c, \u0445\u0440\u0430\u043d\u044f\u0449\u0438\u043c\u0441\u044f \u0432\u043e \u0432\u0441\u0435\u0445 \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430\u0445 \u0438\u043c\u0435\u043d, \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0446\u0435\u043b\u0435\u0432\u044b\u043c \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u043c Kubernetes.\n\nIngress NGINX - \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0438\u043c\u0438 \u043c\u0438\u0440\u043e\u0432\u044b\u043c\u0438 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u044f\u043c\u0438 \u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c\u0438 - \u043e\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0418\u0418 \u0434\u043e \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0446\u0438\u0439 \u0438\u0437 \u0441\u043f\u0438\u0441\u043a\u0430 Fortune 500, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0433\u0438\u043f\u043e\u0442\u0435\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e 
\u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u043c\u0438.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 Kubernetes \u0441\u043b\u0443\u0436\u0438\u0442 \u043e\u0441\u043d\u043e\u0432\u043e\u0439 \u0432\u0441\u0435\u0445 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0441\u0440\u0435\u0434, \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432, \u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u043f\u043e\u044f\u0432\u0438\u0442\u0441\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u0438 \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u0445.\n\n\u041f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u043f\u043e \u0441\u0443\u0442\u0438 \u0431\u0435\u0437\u0433\u0440\u0430\u043d\u0438\u0447\u043d\u044b.\n\nWiz \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e \u0441\u0432\u043e\u0438\u0445 \u0432\u044b\u0432\u043e\u0434\u0430\u0445 Kubernetes \u0432 \u043a\u043e\u043d\u0446\u0435 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430 \u0438 \u044f\u043d\u0432\u0430\u0440\u0435 2025 \u0433\u043e\u0434\u0430. 
\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Ingress NGINX Controller 1.12.1 \u0438 1.11.5, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u044b\u0448\u043b\u0438 \u0432 \u043f\u043e\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u0438\u043a.\u00a0\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0438\u043b\u0438 \u0436\u0435 \u0441\u043d\u0438\u0437\u0438\u0442\u044c \u0440\u0438\u0441\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043c\u0435\u0440 \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u043c \u0434\u043e\u043f\u0443\u0441\u043a\u0430: \u043b\u0438\u0431\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0432 \u0435\u0433\u043e, \u043b\u0438\u0431\u043e \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043d\u0435\u043c\u0443 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c API Kubernetes.\n\nKubernetes, Google Cloud \u0438 Microsoft \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0441\u0432\u043e\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c IngressNightmare\u00a0(1, 2 
\u0438 3 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e).", "creation_timestamp": "2025-03-26T10:39:04.000000Z"}, {"uuid": "2b788a9a-6e99-47f7-a0cb-377d01ca92f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://t.me/cultofwire/1333", "content": "Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication\n\n\u041d\u0430\u0447\u043d\u0438\u0442\u0435 \u0441\u0432\u043e\u0451 \u0443\u0442\u0440\u043e \u0441 \u0447\u0430\u0448\u043a\u0438 \u043a\u0440\u0435\u043f\u043a\u043e\u0433\u043e CVSS 9.8 \u0432 Ingress NGINX Controller \u0434\u043b\u044f Kubernetes.\n\n\u041d\u0430\u0431\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098 \u0438 CVE-2025-1974) \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043e\u0431\u0449\u0435\u0435 \u043a\u043e\u0434\u043e\u0432\u043e\u0435 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 IngressNightmare. 
\u0421\u0442\u043e\u0438\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u044d\u0442\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u043d\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 NGINX Ingress Controller, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0435\u0449\u0435 \u043e\u0434\u043d\u043e\u0439 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 Ingress \u0434\u043b\u044f NGINX \u0438 NGINX Plus.\n\n\u041a\u043e\u0440\u043e\u0442\u043a\u043e \u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445:\n- CVE-2025-24513 (CVSS: 4,8) \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a directory traversal \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DoS) \u0438\u043b\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u043c\u0443 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0441\u0435\u043a\u0440\u0435\u0442\u043d\u044b\u0445 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432 \u0438\u0437 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430 \u0432 \u0441\u043e\u0447\u0435\u0442\u0430\u043d\u0438\u0438 \u0441 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438.\n- CVE-2025-24514 (CVSS: 8,8) \u2014 \u0430\u043d\u043d\u043e\u0442\u0430\u0446\u0438\u044f Ingress auth-url \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432 NGINX, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 ingress-nginx \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443.\n- CVE-2025-1097 (CVSS: 8,8) \u2014 \u0430\u043d\u043d\u043e\u0442\u0430\u0446\u0438\u044f Ingress auth-tls-match-cn \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432 NGINX, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 ingress-nginx \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432, 
\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443.\n- CVE-2025-1098 (CVSS: 8,8) \u2014 \u0430\u043d\u043d\u043e\u0442\u0430\u0446\u0438\u0438 Ingress mirror-target \u0438 mirror-host \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432 NGINX, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 ingress-nginx \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443.\n- CVE-2025-1974 (CVSS: 9,8) \u2014 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0438\u043c\u0435\u044e\u0449\u0438\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0442\u0438 \u043f\u043e\u0434\u043e\u0432 (pod network), \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 ingress-nginx \u043f\u0440\u0438 
\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\nWiz \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u0443\u044e \u0441\u0442\u0430\u0442\u044c\u044e IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX \u0441 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u043c \u0440\u0430\u0431\u043e\u0442\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u043c \u0434\u0435\u0442\u0435\u043a\u0442\u0430 \u0438 \u043c\u0438\u0442\u0438\u0433\u0430\u0446\u0438\u0438.", "creation_timestamp": "2025-03-25T07:19:59.000000Z"}, {"uuid": "2e313cf0-4ab7-41a1-b2b5-d83b6a76b486", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24514", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11966", "content": "#exploit\n1. CVE-2025-1974, CVE-2025-24514:\nIngress(Nightmare) NGINX RCE\nhttps://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities\n\n2. CVE-2025-24799, CVE-2025-24801:\nPre-auth SQLi to RCE in GLPI\nhttps://blog.lexfo.fr/glpi-sql-to-rce.html\n\n3. CVE-2025-29927:\nAuthorization Bypass in Next.js Middleware\nhttps://github.com/arvion-agent/next-CVE-2025-29927\n]-> Bypass Checker:\nhttps://github.com/RoyCampos/CVE-2025-29927", "creation_timestamp": "2025-03-26T00:36:58.000000Z"}]}