F5 BIG-IP iControl SOAP Remote Code Execution Vulnerability (CVE-2023-22374) Alert

fevereiro 6, 2023

Overview Recently, NSFOCUS CERT found that the technical details of the F5 BIG-IP arbitrary code execution vulnerability (CVE-2023-22374) were publicly disclosed online. Due to the format string vulnerability in BIG-IP iControl SOAP, a remote attacker with administrator authority can access the iControl SOAP interface through the BIG-IP management port or its own IP address, so […]

Millions of Devices May Be Affected, and Yeskit Botnet Family Spreads on a Massive Scale by Exploiting F5 BIG-IP Vulnerability

junho 2, 2022

Background   On May 4, 2022, F5 issued a security bulletin regarding a remote code execution vulnerability in iControlREST component of BIG-IP products. The CVE number of the vulnerability is CVE-2022-1388. The vulnerability can bypass authentication and remotely execute arbitrary code with a vulnerability score of CVSS up to 9.8. Since the bulletin, attackers have […]

F5 BIG-IP iControl REST Authentication Bypass Vulnerability (CVE-2022-1388) Alert

maio 11, 2022

Overview Recently, NSFOCUS CERT detected that F5 issued a security bulletin to fix an authentication bypass vulnerability in BIG-IP. Unauthenticated attackers can use the control interface to exploit, through the BIG-IP management interface or its own IP address. Network access to the iControl REST interface to execute arbitrary system commands, create or delete files, and […]

F5 BIG-IP/BIG-IQ High-Risk Vulnerabilities Threat Alert

março 24, 2021

Vulnerability Description On March 11, NSFOCUS observed that F5 released a security bulletin to announce the fix of multiple high-risk vulnerabilities, CVE-2021-22986, CVE-2021-22987, CVE-2021-22988, CVE-2021-22989, CVE-2021-22990, CVE-2021-22991, and CVE-2021-22992, which affect BIG-IP and BIG-IQ in F5. Users are advised to take preventive measures as soon as possible. BIG-IP is an F5 application delivery platform that […]

F5 BIG-IP TMUI Remote Code Execution Vulnerability (CVE-2020-5902) Threat Alert

julho 24, 2020

Vulnerability Description

Recently, NSFOCUS detected that F5 had updated its security advisory on the Traffic Management User Interface (TUMI) remote code execution vulnerability (CVE-2020-5902). The affected 15.x versions were changed to 15.0.0–15.1.0, and bypassable workarounds and validation methods were updated. By accessing the TUMI via the BIG-IP management port or their own IP addresses, unauthenticated attackers could craft malicious requests to obtain the privileges of target servers. The vulnerability has a CVSS score of 10. Currently, msf has integrated the exploit of the vulnerability. Users affected by the vulnerability are advised to take measures as soon as possible.



Inscreva-se no Blog da NSFOCUS