VYPR
Critical severity · OSV Advisory · Published Sep 15, 2025 · Updated Sep 15, 2025

OS command injection in Chaos Mesh via the cleanTcs mutation

CVE-2025-59359

Description

The cleanTcs mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

The cleanTcs mutation in Chaos Controller Manager is vulnerable to OS command injection, allowing unauthenticated in-cluster attackers to achieve remote code execution across the cluster.

Vulnerability

Overview

The cleanTcs mutation in the Chaos Controller Manager, part of the Chaos Mesh platform, is vulnerable to OS command injection [1][2]. This flaw, tracked as CVE-2025-59359, allows an attacker to inject arbitrary operating system commands through the GraphQL API endpoint. The vulnerability exists because user-supplied input is not properly sanitized before being passed to a shell command [2].

Exploitation

Exploitation requires the attacker to have in-cluster network access, which is a common scenario even for unprivileged pods [2]. The attacker can reach the Chaos Controller Manager's GraphQL server, which is exposed by default, and send a crafted mutation to the cleanTcs endpoint [2]. No authentication is needed to trigger the command injection [3]. This vulnerability is chained with CVE-2025-59358 to achieve full remote code execution [1][2][3].

Impact

A successful exploit allows an unauthenticated in-cluster attacker to execute arbitrary OS commands on the Chaos Controller Manager pod. This can be leveraged to steal privileged service account tokens, move laterally, and ultimately take over the entire Kubernetes cluster [2]. The impact is critical, with a CVSS score of 9.8 [2].

Mitigation

The issue is fixed in Chaos Mesh version 2.7.3 [2]. Users are strongly advised to upgrade immediately. If upgrading is not possible, workarounds include restricting network access to the Chaos Controller Manager's GraphQL port (10080) and disabling the chaosctl feature [1][2].
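A defender-side check for the mitigation above, added here as an example and not part of the advisory or the Chaos Mesh project: it flags a controller-manager image below 2.7.3 and the ctrlserver artefacts that the fix commit removes (the Service/container port 10082 named ctrl and the CTRL_ADDR env var). The image name and the manifest samples are constructed, not copied from a real cluster.

```python
"""Audit Chaos Mesh controller-manager objects for the pre-2.7.3 ctrlserver exposure.
Added example, not Chaos Mesh project code: it encodes what this page states (fix in 2.7.3; the
fix commit removes ctrl port 10082 and CTRL_ADDR). Inputs are JSON-decoded kubectl objects."""
import re

FIXED = (2, 7, 3, 1)                      # 2.7.3 final; 4th field 1 = release, 0 = pre-release
CTRL_PORT, CTRL_ENV = 10082, "CTRL_ADDR"  # port and env var removed by the fix commit

def parse_version(tag):
    """(major, minor, patch, release_flag); pre-releases sort below the final, so 2.7.3-rc1 is affected."""
    m = re.match(r"^v?(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.]+)?$", tag)
    if not m:
        return None
    major, minor, patch, pre = m.groups()
    return (int(major), int(minor), int(patch), 0 if pre else 1)

def image_is_affected(image):
    """True when the tag is below 2.7.3 or unparseable (digest, 'latest', no tag): unknown = report it."""
    last = image.rsplit("/", 1)[-1]                     # drop registry host:port
    v = parse_version(last.split(":", 1)[1] if ":" in last else "")
    return v is None or v < FIXED

def deployment_findings(deploy):
    """Old image, CTRL_ADDR set, or ctrl containerPort declared in a Deployment."""
    out = []
    for c in deploy["spec"]["template"]["spec"].get("containers", []):
        if image_is_affected(c.get("image", "")):
            out.append(f"image {c.get('image')!r} is below 2.7.3 or unversioned")
        out += [f"{CTRL_ENV}={e.get('value')!r}: ctrlserver enabled"
                for e in c.get("env", []) if e.get("name") == CTRL_ENV]
        out += [f"container declares ctrl port {CTRL_PORT}"
                for p in c.get("ports", []) if p.get("containerPort") == CTRL_PORT]
    return out

def service_findings(svc):
    """The ctrl port is still published by the controller-manager Service."""
    return [f"Service publishes ctrl port {p.get('port')} ({p.get('name')})"
            for p in svc["spec"].get("ports", [])
            if p.get("port") == CTRL_PORT or p.get("name") == "ctrl"]

# Constructed samples mirroring the pre-fix install.sh manifests quoted on this page.
VULNERABLE_DEPLOY = {"spec": {"template": {"spec": {"containers": [{
    "image": "ghcr.io/chaos-mesh/chaos-mesh:v2.7.2",
    "env": [{"name": "PPROF_ADDR", "value": ":10081"}, {"name": "CTRL_ADDR", "value": ":10082"}],
    "ports": [{"name": "http", "containerPort": 10080}, {"name": "ctrl", "containerPort": 10082}]}]}}}}
VULNERABLE_SVC = {"spec": {"ports": [{"name": "ctrl", "port": 10082}, {"name": "http", "port": 10080}]}}

if __name__ == "__main__":
    print(*deployment_findings(VULNERABLE_DEPLOY) + service_findings(VULNERABLE_SVC), sep="\n")
```

Feed it the objects from `kubectl get deploy,svc -n chaos-mesh -o json` to check a live install; an empty findings list for both objects means the version and the ctrlserver settings match the fixed state.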

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package: github.com/chaos-mesh/chaos-mesh (Go)
Affected versions: < 2.7.3
Patched versions: 2.7.3


Patches

67281c36f806

chore!: disable chaosctl by default (#4702)

https://github.com/chaos-mesh/chaos-mesh · Yue Yang · Jul 22, 2025 · via ghsa
4 files changed · +3 −10
  • CHANGELOG.md · +1 −0 · modified
    @@ -26,6 +26,7 @@ For more information and how-to, see [RFC: Keep A Changelog](https://github.com/
     - Adopt vite and swc in the Dashboard UI [#4688](https://github.com/chaos-mesh/chaos-mesh/pull/4688)
     - Update usage about helm-values-schema-json [#4719](https://github.com/chaos-mesh/chaos-mesh/pull/4719)
     - Update swag to v1.16.4
    +- Update `enableCtrlServer` to `false` by default in the Helm chart [#4702](https://github.com/chaos-mesh/chaos-mesh/pull/4702)
     
     ### Deprecated
     
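Review bot: the changelog line under-reports a breaking change. The commit is marked `chore!:` and flipping `enableCtrlServer` to `false` turns off the ctrlserver that, per the values.yaml comment, provides the service chaosctl depends on, so existing chaosctl users lose that functionality on upgrade. Suggest saying so explicitly and naming the opt-in, e.g. `- chaosctl is now disabled by default; set enableCtrlServer=true in the Helm chart to re-enable it`.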
    
  • .github/workflows/integration_test.yml · +1 −1 · modified
    @@ -85,7 +85,7 @@ jobs:
             run: |
               helm install --wait --create-namespace chaos-mesh helm/chaos-mesh \
                 -n=chaos-mesh --set images.tag=latest --set chaosDaemon.env.DOCKER_API_VERSION=1.41 \
    -            --set controllerManager.chaosdSecurityMode=false
    +            --set controllerManager.chaosdSecurityMode=false,enableCtrlServer=true
               kubectl port-forward -n chaos-mesh svc/chaos-dashboard 2333:2333 &
     
           - uses: actions/setup-go@v5
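Review bot: re-enabling the ctrlserver in CI means the new default is never exercised. Every integration run now installs with `enableCtrlServer=true`, so a regression that re-exposed the ctrl port or CTRL_ADDR under default values would not be caught. Suggest keeping a default-values install in the job (or a check that `kubectl get svc` shows no `ctrl` port after a plain `helm install`) alongside this chaosctl-enabled run.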
    
  • helm/chaos-mesh/values.yaml · +1 −1 · modified
    @@ -42,7 +42,7 @@ timezone: "UTC"
     enableProfiling: true
     
     # enableCtrlServer is a flag to enable ctrlserver which provides service to chaosctl in controller-manager.
    -enableCtrlServer: true
    +enableCtrlServer: false
     
     images:
       # images.registry is the global container registry for the images, you could replace it with your self-hosted container registry.
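Review bot: the comment above `enableCtrlServer` should say why the flag is now off and what turning it on implies. The ctrlserver exposes the API that this advisory describes as reachable without authentication from inside the cluster, and chaosctl needs it; a line such as `# disabled by default for security; set to true only if you use chaosctl` stops operators from flipping it back without understanding the trade-off.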
    
  • install.sh · +0 −8 · modified
    @@ -1507,10 +1507,6 @@ spec:
           targetPort: pprof
           protocol: TCP
           name: pprof
    -    - port: 10082
    -      targetPort: ctrl
    -      protocol: TCP
    -      name: ctrl
         - port: 10080
           targetPort: http
           protocol: TCP
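Review bot: removing the ctrl port here leaves install.sh with no way to opt back in, unlike the Helm chart where `enableCtrlServer` still exists; since this file is the non-Helm install path, chaosctl users on it need to be told to switch to the chart, or the block needs a conditional. Separately, the Service still publishes 10080 (http) and pprof, and this page's mitigation text names 10080 as the GraphQL port while the patch removes 10082, so the fix description should state which listener actually serves the cleanTcs mutation.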
    @@ -1879,8 +1875,6 @@ spec:
                 value: "false"
               - name: PPROF_ADDR
                 value: ":10081"
    -          - name: CTRL_ADDR
    -            value: ":10082"
               - name: CHAOS_DNS_SERVICE_NAME
                 value: chaos-mesh-dns-server
               - name: CHAOS_DNS_SERVICE_PORT
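Review bot: dropping the `CTRL_ADDR` env var only disables the ctrlserver if the controller-manager treats an unset address as "do not listen"; nothing in this diff shows that code path, so a compiled-in fallback of `:10082` would silently keep the server running. Suggest confirming that behaviour with a test, or passing an explicit disable setting rather than relying on the variable's absence.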
    @@ -1910,8 +1904,6 @@ spec:
                 containerPort: 10080
               - name: pprof
                 containerPort: 10081
    -          - name: ctrl
    -            containerPort: 10082
           volumes:
             - name: webhook-certs
               secret:
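Review bot: `containerPort` is informational in Kubernetes, so removing this entry does not stop a process from binding 10082. Keep it for consistency with the Service change, but the effective control is the CTRL_ADDR/enableCtrlServer change, not this hunk.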
    

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
