CVE-2025-1974 POC (Proof-of-Concept)

A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)

Published: 2025-03-25

CVSS: 9.8

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Download CVE-2025-1974 POC (Proof-of-Concept) here:

http://zeroday4n6aaxjruc5jgvulkdgy4mkioom5g6q7l3nz475a62vmamiyd.onion/exploit-for-cve-2025-1974.726/

Tip: Download official Tor Browser at https://www.torproject.org/download/ to access .onion links.

https://connollyfinan.ie/poc-708-cve-2023-48777/

https://connollyfinan.ie/poc-359-cve-2024-38476/