CVE-2025-1098: Arbitrary Code Execution Vulnerability in ingress-nginx Via Malicious Ingress Annotations

A critical security vulnerability has been discovered in ingress-nginx (from this GitHub repository: kubernetes/ingress-nginx) which allows an attacker to execute arbitrary code on targeted systems. The vulnerability exists due to incorrect handling of specific Ingress annotations, namely mirror-target and mirror-host.

In this post, we will discuss this vulnerability, demonstrate a proof-of-concept exploit, and provide pointers to official patches and mitigation strategies.

Vulnerability Description

Ingress-nginx allows defining annotations in Ingress resources that, when misused, can cause the injection of arbitrary configuration into the nginx system. With this injected configuration, an attacker can execute arbitrary code in the context of the ingress-nginx controller, leading to data leaks or unauthorized system changes. Additionally, the vulnerability allows for the disclosure of secrets accessible to the controller in the default installation (which can access all Secrets cluster-wide).

Here is a code snippet showing an example of an annotated Ingress leading to the vulnerability

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: vulnerable-ingress
  annotations:
    nginx.ingress.kubernetes.io/mirror-host: "$(echo <malicious_payload> | base64 -d | sh)"
spec:
  rules:
  - host: example.com
    http:
      paths:
        - path: /
          pathType: Prefix
          backend:
            service:
              name: my-service
              port:
                number: 80

In the above configuration, by setting the nginx.ingress.kubernetes.io/mirror-host annotation to a malicious payload encoded in Base64, an attacker can execute the payload when it gets decoded by the ingress-nginx controller.

It's important to note that careful crafting of the malicious payload is necessary to achieve the intended results. This proof-of-concept exploit serves to demonstrate a vulnerability resulting from improper handling of mirror-target and mirror-host Ingress annotations.

Official References and Patches

The ingress-nginx maintainers are aware of the issue and have provided a patch and mitigation guidance. It is strongly recommended to take the required steps and apply the patches as soon as possible to prevent possible attacks.

- Official Security Advisory: CVE-2025-1098 Advisory
- Patch: Pull Request with Fix

Mitigation Strategy

Until you can apply the official patches, consider implementing the following mitigation strategies to reduce the risk associated with this vulnerability:

Restrict access to the Kubernetes Secrets that ingress-nginx controller runs with.

3. Deploy a policy engine like OPA-Gatekeeper to enforce validating admission control to ensure the mirror-host and mirror-target annotations are under strict control.

Conclusion

CVE-2025-1098 is a critical security issue in ingress-nginx, which allows an attacker to inject arbitrary configuration and execute malicious code within the context of the ingress-nginx controller, leading to potential data leaks or unauthorized actions. The ingress-nginx maintainers have recognized this vulnerability and provided patches as well as mitigation strategies. Users of ingress-nginx should act promptly to apply the official patches and follow the recommended mitigation strategies to minimize any possible security risks.

Timeline

Published on: 03/25/2025 00:15:14 UTC
Last modified on: 03/27/2025 16:45:46 UTC