Lucene search
+L

9 matches found

0day.today
0day.today
added 2023/11/14 12:0 a.m.465 views

F5 BIG-IP TMUI Directory Traversal / File Upload / Code Execution Exploit

This Metasploit module exploits a directory traversal in F5's BIG-IP Traffic Management User Interface TMUI to upload a shell script and execute it as the Unix root user. Unix shell access is obtained by escaping the restricted Traffic Management Shell TMSH. The escape may not be reliable, and yo...

9.8CVSS10AI score0.99999EPSS
Exploits60
CNVD
CNVD
added 2020/03/31 12:0 a.m.4 views

F5 BIG-IP Buffer Error Vulnerability

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A security vulnerability exists in F5 BIG-IP versions 12.1.0 through 12.1.5. An attacker can exploit the vulnerability to caus...

7.5CVSS6.8AI score0.01044EPSS
Exploits0References1
Prion
Prion
added 2020/03/27 3:15 p.m.21 views

Design/Logic Flaw

On BIG-IP 12.1.0-12.1.5, the TMM process may produce a core file in some cases when Ram Cache incorrectly optimizes stored data resulting in memory errors...

5CVSS7.4AI score0.01044EPSS
Exploits0References1Affected Software11
Positive Technologies
Positive Technologies
added 2020/02/06 12:0 a.m.8 views

PT-2020-18758 · F5 · Big-Ip

Name of the Vulnerable Software and Affected Versions: BIG-IP versions 11.6.0 through 11.6.5.1 BIG-IP versions 12.1.0 through 12.1.5 BIG-IP versions 13.1.0 through 13.1.3.1 BIG-IP versions 14.0.0 through 14.0.1 BIG-IP versions 14.1.0 through 14.1.2.2 BIG-IP versions 15.0.0 through 15.0.1.1...

5.9CVSS5.7AI score0.00808EPSS
Exploits0References3
Prion
Prion
added 2020/01/14 5:15 p.m.21 views

Command injection

In BIG-IP APM portal access on versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, when backend servers serve HTTP pages with special JavaScript code, this can lead to internal portal access name conflict...

3.5CVSS5.5AI score0.00521EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/12/23 7:15 p.m.32 views

CVE-2019-19151

On BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IQ versions 7.0.0, 6.0.0-6.1.0, and 5.0.0-5.4.0, iWorkflow version 2.3.0, and Enterprise Manager version 3.1.1, authenticated users granted TMOS Shell tmsh privileges are able access object...

5.5CVSS5.4AI score0.003EPSS
Exploits0References1
NVD
NVD
added 2019/12/23 6:15 p.m.36 views

CVE-2019-6681

On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, a memory leak in Multicast Forwarding Cache MFC handling in tmrouted...

7.8CVSS7.5AI score0.01062EPSS
Exploits0References1
NVD
NVD
added 2019/09/25 7:15 p.m.32 views

CVE-2019-6654

On versions 14.0.0-14.1.2, 13.0.0-13.1.3, 12.1.0-12.1.5, and 11.5.1-11.6.5, the BIG-IP system fails to perform Martian Address Filtering As defined in RFC 1812 section 5.3.7 on the control plane management interface. This may allow attackers on an adjacent system to force BIG-IP into processing...

4.3CVSS4.6AI score0.00476EPSS
Exploits0References1
Prion
Prion
added 2019/09/25 7:15 p.m.24 views

Design/Logic Flaw

On versions 14.0.0-14.1.2, 13.0.0-13.1.3, 12.1.0-12.1.5, and 11.5.1-11.6.5, the BIG-IP system fails to perform Martian Address Filtering As defined in RFC 1812 section 5.3.7 on the control plane management interface. This may allow attackers on an adjacent system to force BIG-IP into processing...

3.3CVSS4.6AI score0.00476EPSS
Exploits0References1Affected Software13
Rows per page
Query Builder