CVE-2025-1974 PoC — Kubernetes ingress-nginx 安全漏洞

Source

https://github.com/BiiTts/POC-IngressNightmare-CVE-2025-1974

Associated Vulnerability

Title:Kubernetes ingress-nginx 安全漏洞 (CVE-2025-1974)
Description:Kubernetes ingress-nginx是云原生计算基金会（Cloud Native Computing Foundation）开源的Kubernetes 的入口控制器，使用NGINX作为反向代理和负载均衡器。 Kubernetes ingress-nginx存在安全漏洞，该漏洞源于在某些条件下，未认证的攻击者可通过访问pod网络在ingress-nginx控制器环境中执行任意代码，可能导致Secrets泄露。

Readme

# Shell.so Builder (Alpine-based)

This project allows you to build a `shell.so` payload using Alpine Linux inside a Docker container.

## Instructions

1. **Clone the repository**:
   git clone <repository_url>
   cd <repository_name>

2. **Build the payload**:
   ./run_build.sh

The compiled `shell.so` will be generated in the project root directory.

⚠️ Important: The reverse shell IP and port are hardcoded in shell.c. Make sure to update them before building the payload.

File Snapshot


 [4.0K]  /data/pocs/7f58b55f0d6cec9a6d9a92aa372ea5fcf1d69264
├── [ 369]  build.sh
├── [ 484]  README.md
├── [2.0K]  review.json
├── [ 123]  run_build.sh
├── [ 723]  shell.c
└── [3.1K]  xpl.py

0 directories, 6 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!