CVE-2025-1974 PoC — Kubernetes ingress-nginx 安全漏洞

Source

https://github.com/Rubby2001/CVE-2025-1974-go

Associated Vulnerability

Title:Kubernetes ingress-nginx 安全漏洞 (CVE-2025-1974)
Description:Kubernetes ingress-nginx是云原生计算基金会（Cloud Native Computing Foundation）开源的Kubernetes 的入口控制器，使用NGINX作为反向代理和负载均衡器。 Kubernetes ingress-nginx存在安全漏洞，该漏洞源于在某些条件下，未认证的攻击者可通过访问pod网络在ingress-nginx控制器环境中执行任意代码，可能导致Secrets泄露。

Description

Exploit CVE-2025-1974 with a single file.

Readme

Exploit CVE-2025-1974 with a single file.

Usage:

```
1. change server_ip and server_port in shell.c
2. make
3. GOOS=linux go build -ldflags="-w -s -extldflags "-static"" -trimpath main.go
4. run main in your controlled pod
```

File Snapshot


 [4.0K]  /data/pocs/64102f66a2b92232bf4f3a9ff52b80722dd33f2c
├── [ 328]  build.sh
├── [4.7K]  main.go
├── [ 100]  Makefile
├── [ 230]  README.md
└── [ 728]  shell.c

0 directories, 5 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!