Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication
Malware and Vulnerabilities
March 25, 2025
The Hacker News
After responsible disclosure, the vulnerabilities were fixed in Ingress NGINX Controller versions 1.12.1, 1.11.5, and 1.10.7. Users should update promptly and secure the admission webhook endpoint from external exposure.
Read More
Ingress NGINX Controller
Remote Code Execution (RCE)
Kubernetes Clusters
CVE-2025-24513
CVE-2025-24514
Publisher
Previous
AMOS Stealer Revamped to Serve as a Fully Undetected ma ...
Malware and Vulnerabilities
Next
Unmasking the Cybercriminal Behind ALTDOS, DESORDEN, GH ...
Incident Response, Learnings
/https://cyware-ent.s3.amazonaws.com/image_bank/2c9f_shutterstock_791299255.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/9c52_shutterstock_2094632710.jpg)
