CVE-2025-59359

CRITICAL

chaos-mesh < 2.7.3 - Unauthenticated Remote Code Execution via cleanTcs Mutation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-59359. PoCs published by mrk336.

AI-analyzed exploit summary: This repository is a detailed writeup and forensic analysis of CVE-2025-59359, a critical OS command injection vulnerability in Chaos-Mesh's Controller Manager. It includes technical breakdowns, detection strategies, and mitigation advice but does not contain functional exploit code.

Description

The cleanTcs mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster.

Exploits (1)

nomisec WRITEUP 1 stars
by mrk336 · poc
https://github.com/mrk336/Cluster-Chaos-Exploiting-CVE-2025-59359-for-Kubernetes-Takeover

Classification
Writeup 90%
Attack Type
RCE
Complexity
Moderate
Reliability
Theoretical
Target: Chaos-Mesh (version not specified)
No auth needed
Prerequisites: Access to Chaos-Mesh GraphQL endpoint · Ability to submit crafted experiment specs
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 9.8
EPSS 0.0207
EPSS Percentile 84.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-78
Status published
Products (2)
chaos-mesh/chaos-mesh 0 - 2.7.3 (Go)
chaos-mesh/chaos_mesh < 2.7.3
Published Sep 15, 2025
Tracked Since Feb 18, 2026