Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| kubernetes | ingress-nginx | 0 ~ 1.11.4 | - |
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Worlds First Public POC for CVE-2025-1974 lol | https://github.com/sandumjacob/IngressNightmare-POCs | POC Details |
| 2 | None | https://github.com/yoshino-s/CVE-2025-1974 | POC Details |
| 3 | None | https://github.com/yanmarques/CVE-2025-1974 | POC Details |
| 4 | IngressNightmare POC. world first remote exploitation and with multi-advanced exploitation methods. allow on disk exploitation. CVE-2025-1974 https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities#how-did-we-discover-ingressnightmare-24 | https://github.com/Esonhugh/ingressNightmare-CVE-2025-1974-exps | POC Details |
| 5 | PoC for CVE-2025-1974: Critical RCE in Ingress-NGINX (<v1.12.1) via unsafe config injection. Exploitable from the pod network without credentials, enabling code execution and potential cluster takeover. Fixed in v1.12.1 and v1.11.5. For research/education only. | https://github.com/dttuss/IngressNightmare-RCE-POC | POC Details |
| 6 | Poc for Ingress RCE | https://github.com/zwxxb/CVE-2025-1974 | POC Details |
| 7 | Proof-of-Concept Tool to detect IngressNightmare (CVE-2025-1974) via (non-intrusive) active means. | https://github.com/m-q-t/ingressnightmare-detection-poc | POC Details |
| 8 | PoC of CVE-2025-1974, modified from the world-first PoC~ | https://github.com/hi-unc1e/CVE-2025-1974-poc | POC Details |
| 9 | A minimal test tool to help detect annotation injection vulnerabilities in Kubernetes NGINX Ingress controllers. This script sends a crafted AdmissionReview request to simulate a potential exploit path from CVE-2025-1974 and checks for signs of misinterpreted annotations in controller logs. | https://github.com/0xBingo/CVE-2025-1974 | POC Details |
| 10 | IngressNightmare (CVE-2025-1974) | https://github.com/tuladhar/ingress-nightmare | POC Details |
| 11 | POC IngressNightmare (CVE-2025-1974), modified from https://github.com/yoshino-s/CVE-2025-1974 | https://github.com/rjhaikal/POC-IngressNightmare-CVE-2025-1974 | POC Details |
| 12 | CVE-2025-1974 PoC 코드 | https://github.com/zulloper/CVE-2025-1974 | POC Details |
| 13 | Exploit CVE-2025-1974 with a single file. | https://github.com/Rubby2001/CVE-2025-1974-go | POC Details |
| 14 | A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-1974.yaml | POC Details |
| 15 | A security issue was discovered in ingress-nginx where the `auth-tls-match-cn` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller | https://github.com/projectdiscovery/nuclei-templates/blob/main/cloud/kubernetes/cves/2025/CVE-2025-1974-k8s.yaml | POC Details |
| 16 | None | https://github.com/Threekiii/Awesome-POC/blob/master/%E4%BA%91%E5%AE%89%E5%85%A8%E6%BC%8F%E6%B4%9E/Kubernetes%20Ingress-nginx%20admission%20%E8%BF%9C%E7%A8%8B%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2025-1974.md | POC Details |
| 17 | https://github.com/vulhub/vulhub/blob/master/ingress-nginx/CVE-2025-1974/README.md | POC Details | |
| 18 | None | https://github.com/chhhd/CVE-2025-1974 | POC Details |
| 19 | WHS3기 가상화 취약한(CVE) Docker 환경 구성 과제 | https://github.com/salt318/CVE-2025-1974 | POC Details |
| 20 | None | https://github.com/abrewer251/CVE-2025-1974_IngressNightmare_PoC | POC Details |
| 21 | None | https://github.com/Rickerd12/exploit-cve-2025-1974 | POC Details |
| 22 | CVE-2025-1974 | https://github.com/B1ack4sh/Blackash-CVE-2025-1974 | POC Details |
| 23 | None | https://github.com/Armand2002/Exploit-CVE-2025-1974-Lab | POC Details |
| 24 | None | https://github.com/BiiTts/POC-IngressNightmare-CVE-2025-1974 | POC Details |
| 25 | None | https://github.com/iteride/CVE-2025-1974 | POC Details |
| 26 | My view on IngressNightmare vulnerability (CVE-2025-1974) | https://github.com/I3r1h0n/IngressNightterror | POC Details |
| 27 | CVE-2025-1974 | https://github.com/Ashwesker/Blackash-CVE-2025-1974 | POC Details |
| 28 | Kubernetes Ingress-nginx RCE (IngressNightmare) | https://github.com/gunyakit/CVE-2025-1974-PoC-exploit | POC Details |
| 29 | CVE-2025-1974 | https://github.com/Ashwesker/Ashwesker-CVE-2025-1974 | POC Details |
| 30 | ingress-nginx admission controller RCE escalation PoC | https://github.com/BoianEduard/CVE-2025-1974 | POC Details |
No public POC found.
Login to generate AI POCNo comments yet