A serious set of vulnerabilities in the Ingress-Nginx Controller for Kubernetes could allow an attacker to take over a cluster. Cloudy information security outfit Wiz has found more than 6,000 publicly reachable Kubernetes installations whose admission controllers are both exposed and vulnerable, including some operated by Fortune 500 companies.
The flaw sits in the admission controller, the ingress-nginx component that validates incoming Ingress objects (the resources that define how external traffic is routed into a cluster) before they are accepted. An attacker who can reach the admission controller over the network can send it a crafted Ingress object that slips past validation and injects arbitrary Nginx configuration remotely.
That injection gives the attacker remote code execution (RCE) on the controller with elevated privileges. Because the ingress controller can read Secrets across all namespaces, this can escalate to complete cluster takeover.
Wiz has disclosed five CVEs, collectively known as IngressNightmare, which were fixed in Ingress-Nginx Controller versions 1.12.1 and 1.11.5. The company advises users to upgrade as soon as possible, while acknowledging that some operators cannot do so immediately because of the critical nature of their applications.
In the meantime, Wiz recommends enforcing strict network policies so that only the Kubernetes API server (the one client that needs to call the validating webhook) can reach the admission controller, or temporarily disabling the admission webhook component altogether. For users who cannot patch immediately, that reduces the exposure until the cluster can be updated; it is a stopgap, not a substitute for upgrading.
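The following is an added example, not code from the article, from Wiz, or from the ingress-nginx project. It shows the three things an operator would do in practice: classify the controller image tags running in a cluster against the fixed versions the article names (1.12.1 and 1.11.5), lock the admission webhook down to the API server with a NetworkPolicy, and, failing that, disable the webhook. The webhook container port (8443), the resource names (`ingress-nginx-controller-admission`, `ingress-nginx-admission`), the namespace, the pod label and the control-plane CIDR are assumptions based on a default ingress-nginx install and should be checked against your own deployment; the sample image references in the comments are constructed.

```shell
#!/usr/bin/env bash
# Added example (not from the article or the ingress-nginx project).
# Fixed releases per the article: 1.12.1 and 1.11.5. Everything older in
# those lines, and every 1.10.x or earlier release, is treated as vulnerable.

# version_is_fixed TAG  -> exit 0 if TAG is at or above a fixed release, 1 otherwise.
# A tag that is not three numeric components (e.g. "v1.12", "1.12.1-rc1") is
# treated as NOT fixed, which is the conservative answer for a triage script.
version_is_fixed() {
    local tag="${1#v}" major rest minor patch
    major="${tag%%.*}"
    rest="${tag#*.}"
    minor="${rest%%.*}"
    patch="${rest#*.}"
    if [ "$rest" = "$tag" ] || [ "$patch" = "$rest" ]; then
        return 1          # fewer than three components
    fi
    case "$major$minor$patch" in
        ""|*[!0-9]*) return 1 ;;   # non-numeric component or pre-release suffix
    esac
    if [ "$major" -gt 1 ]; then return 0; fi
    if [ "$major" -lt 1 ]; then return 1; fi
    if [ "$minor" -ge 13 ]; then return 0; fi
    if [ "$minor" -eq 12 ] && [ "$patch" -ge 1 ]; then return 0; fi
    if [ "$minor" -eq 11 ] && [ "$patch" -ge 5 ]; then return 0; fi
    return 1
}

# classify_image IMAGEREF -> prints "fixed" or "vulnerable".
# Handles a trailing @sha256 digest and registries with a port, e.g.
#   registry.k8s.io/ingress-nginx/controller:v1.12.0@sha256:...   (constructed)
# An untagged reference cannot be parsed and is reported as vulnerable.
classify_image() {
    local ref="${1%%@*}" tag
    tag="${ref##*:}"
    if [ "$tag" = "$ref" ]; then
        echo vulnerable     # no tag at all
        return
    fi
    if version_is_fixed "$tag"; then echo fixed; else echo vulnerable; fi
}

# check_cluster: list every ingress-nginx controller image in the cluster
# with its status. Assumes the default pod label; requires kubectl access.
check_cluster() {
    kubectl get pods -A -l app.kubernetes.io/name=ingress-nginx \
        -o jsonpath='{range .items[*]}{.spec.containers[*].image}{"\n"}{end}' |
    while read -r img; do
        [ -n "$img" ] && printf '%s\t%s\n' "$(classify_image "$img")" "$img"
    done
}

# restrict_webhook: allow only the API server to reach the admission webhook.
# On managed clusters the API server is outside the pod network, so an
# ipBlock is used; CONTROL_PLANE_CIDR is an assumed placeholder.
restrict_webhook() {
    local ns="${1:-ingress-nginx}" cidr="${2:-10.0.0.0/24}"
    kubectl -n "$ns" apply -f - <<EOF
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: ingress-nginx-admission-apiserver-only
spec:
  podSelector:
    matchLabels:
      app.kubernetes.io/name: ingress-nginx
      app.kubernetes.io/component: controller
  policyTypes: [Ingress]
  ingress:
  - from:
    - ipBlock:
        cidr: ${cidr}          # CONTROL_PLANE_CIDR (assumed)
    ports:
    - protocol: TCP
      port: 8443               # default admission webhook container port (assumed)
EOF
}

# disable_webhook: remove the validating webhook entirely until patched.
# Note that ingress-nginx's own Helm chart would recreate it on the next
# upgrade unless admissionWebhooks.enabled=false is set there as well.
disable_webhook() {
    kubectl delete validatingwebhookconfiguration ingress-nginx-admission
}
```

Source the file and run `check_cluster` first; anything reported `vulnerable` should be upgraded, and only where that is impossible should `restrict_webhook` or `disable_webhook` be applied. Note that a NetworkPolicy is only enforced if the cluster's CNI supports it, so verify the policy actually blocks traffic rather than assuming it does.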
Source: https://www.theregister.com/2025/03/25/kubernetes_flaw_rce_risk