| 1 |
Worlds First Public POC for CVE-2025-1974 lol |
https://github.com/sandumjacob/IngressNightmare-POCs |
POC详情
|
| 2 |
None |
https://github.com/yoshino-s/CVE-2025-1974 |
POC详情
|
| 3 |
None |
https://github.com/yanmarques/CVE-2025-1974 |
POC详情
|
| 4 |
IngressNightmare POC. world first remote exploitation and with multi-advanced exploitation methods. allow on disk exploitation. CVE-2025-1974 https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities#how-did-we-discover-ingressnightmare-24 |
https://github.com/Esonhugh/ingressNightmare-CVE-2025-1974-exps |
POC详情
|
| 5 |
PoC for CVE-2025-1974: Critical RCE in Ingress-NGINX (<v1.12.1) via unsafe config injection. Exploitable from the pod network without credentials, enabling code execution and potential cluster takeover. Fixed in v1.12.1 and v1.11.5. For research/education only. |
https://github.com/dttuss/IngressNightmare-RCE-POC |
POC详情
|
| 6 |
Poc for Ingress RCE |
https://github.com/zwxxb/CVE-2025-1974 |
POC详情
|
| 7 |
Proof-of-Concept Tool to detect IngressNightmare (CVE-2025-1974) via (non-intrusive) active means. |
https://github.com/m-q-t/ingressnightmare-detection-poc |
POC详情
|
| 8 |
PoC of CVE-2025-1974, modified from the world-first PoC~ |
https://github.com/hi-unc1e/CVE-2025-1974-poc |
POC详情
|
| 9 |
A minimal test tool to help detect annotation injection vulnerabilities in Kubernetes NGINX Ingress controllers. This script sends a crafted AdmissionReview request to simulate a potential exploit path from CVE-2025-1974 and checks for signs of misinterpreted annotations in controller logs. |
https://github.com/0xBingo/CVE-2025-1974 |
POC详情
|
| 10 |
IngressNightmare (CVE-2025-1974) |
https://github.com/tuladhar/ingress-nightmare |
POC详情
|
| 11 |
POC IngressNightmare (CVE-2025-1974), modified from https://github.com/yoshino-s/CVE-2025-1974 |
https://github.com/rjhaikal/POC-IngressNightmare-CVE-2025-1974 |
POC详情
|
| 12 |
CVE-2025-1974 PoC 코드 |
https://github.com/zulloper/CVE-2025-1974 |
POC详情
|
| 13 |
Exploit CVE-2025-1974 with a single file. |
https://github.com/Rubby2001/CVE-2025-1974-go |
POC详情
|
| 14 |
A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
|
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-1974.yaml |
POC详情
|
| 15 |
A security issue was discovered in ingress-nginx where the `auth-tls-match-cn` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller |
https://github.com/projectdiscovery/nuclei-templates/blob/main/cloud/kubernetes/cves/2025/CVE-2025-1974-k8s.yaml |
POC详情
|
| 16 |
None |
https://github.com/Threekiii/Awesome-POC/blob/master/%E4%BA%91%E5%AE%89%E5%85%A8%E6%BC%8F%E6%B4%9E/Kubernetes%20Ingress-nginx%20admission%20%E8%BF%9C%E7%A8%8B%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2025-1974.md |
POC详情
|
| 17 |
|
https://github.com/vulhub/vulhub/blob/master/ingress-nginx/CVE-2025-1974/README.md |
POC详情
|