F5 BIG-IP Remote Code Execution Vulnerability (CVE-2023-46747) Notification
outubro 31, 2023
Overview Recently, NSFOCUS CERT monitored that F5 had released a security announcement to fix a remote code execution vulnerability in BIG-IP (CVE-2023-46747). Due to the problem of F5 BIG-IP forwarding AJP protocol through Apache httpd, requests were smuggled, which could bypass permission verification. Unauthenticated remote attackers can access the BIG-IP system through the BIG-IP management […]
F5 BIG-IP iControl SOAP Remote Code Execution Vulnerability (CVE-2023-22374) Alert
fevereiro 6, 2023
Overview Recently, NSFOCUS CERT found that the technical details of the F5 BIG-IP arbitrary code execution vulnerability (CVE-2023-22374) were publicly disclosed online. Due to the format string vulnerability in BIG-IP iControl SOAP, a remote attacker with administrator authority can access the iControl SOAP interface through the BIG-IP management port or its own IP address, so […]
Millions of Devices May Be Affected, and Yeskit Botnet Family Spreads on a Massive Scale by Exploiting F5 BIG-IP Vulnerability
junho 2, 2022
Background On May 4, 2022, F5 issued a security bulletin regarding a remote code execution vulnerability in iControlREST component of BIG-IP products. The CVE number of the vulnerability is CVE-2022-1388. The vulnerability can bypass authentication and remotely execute arbitrary code with a vulnerability score of CVSS up to 9.8. Since the bulletin, attackers have […]
F5 BIG-IP iControl REST Authentication Bypass Vulnerability (CVE-2022-1388) Alert
maio 11, 2022
Overview Recently, NSFOCUS CERT detected that F5 issued a security bulletin to fix an authentication bypass vulnerability in BIG-IP. Unauthenticated attackers can use the control interface to exploit, through the BIG-IP management interface or its own IP address. Network access to the iControl REST interface to execute arbitrary system commands, create or delete files, and […]
F5 BIG-IP/BIG-IQ High-Risk Vulnerabilities Threat Alert
março 24, 2021
Vulnerability Description On March 11, NSFOCUS observed that F5 released a security bulletin to announce the fix of multiple high-risk vulnerabilities, CVE-2021-22986, CVE-2021-22987, CVE-2021-22988, CVE-2021-22989, CVE-2021-22990, CVE-2021-22991, and CVE-2021-22992, which affect BIG-IP and BIG-IQ in F5. Users are advised to take preventive measures as soon as possible. BIG-IP is an F5 application delivery platform that […]
F5 BIG-IP TMUI Remote Code Execution Vulnerability (CVE-2020-5902) Threat Alert
julho 24, 2020
Vulnerability Description
Recently, NSFOCUS detected that F5 had updated its security advisory on the Traffic Management User Interface (TUMI) remote code execution vulnerability (CVE-2020-5902). The affected 15.x versions were changed to 15.0.0–15.1.0, and bypassable workarounds and validation methods were updated. By accessing the TUMI via the BIG-IP management port or their own IP addresses, unauthenticated attackers could craft malicious requests to obtain the privileges of target servers. The vulnerability has a CVSS score of 10. Currently, msf has integrated the exploit of the vulnerability. Users affected by the vulnerability are advised to take measures as soon as possible.
(mais…)