Esonhugh - Security Researcher - Exploit Intelligence Platform

CVE-2025-1097 GITHUB HIGH go WORKING POC

Ingress-Nginx - RCE

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-cn` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)

92 stars

CVSS 8.8

View Code

CVE-2025-1098 GITHUB HIGH go WORKING POC

Ingress-Nginx - RCE

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `mirror-target` and `mirror-host` Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)

92 stars

CVSS 8.8

View Code

CVE-2025-24514 GITHUB HIGH go WORKING POC

K8s.io Ingress-nginx < 1.11.5 - Improper Input Validation

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)

92 stars

CVSS 8.8

View Code

CVE-2025-1974 NOMISEC CRITICAL WORKING POC

Kubernetes - RCE

A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)

92 stars

CVSS 9.8

View Code

CVE-2023-7028 NOMISEC CRITICAL WORKING POC

GitLab Password Reset Account Takeover

An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.

4 stars

CVSS 10.0

View Code