ATTACK [PTsecurity] Ingress nginx RCE (CVE-2025-1974)

SID: 10013533Rev: 142 views
History
Sourceptrules/open
CreatedJuly 24, 2025
UpdatedJuly 24, 2025
Classificationattempted-admin
alert http any any -> any any (msg:"ATTACK [PTsecurity] Ingress nginx RCE (CVE-2025-1974)"; flow:to_server, established; http.request_body; content:"kind"; content:"AdmissionReview"; distance:0; content:"nginx.ingress.kubernetes.io|2f|auth-url|22|"; distance:0; pcre:"/^\s*\x3A\s*\x22[^\x22]*?\/proc\/\d+\/fd\/\d+/PR"; reference:cve, 2025-1974; reference:url, www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities; reference:url, rules.ptsecurity.com; classtype:attempted-admin; sid:10013533; rev:1;)

References

cve2025-1974
urlwww.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities
urlrules.ptsecurity.com

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!