
79 matches found

NVD
added 2025/05/07 10:15 p.m. · 11 views

CVE-2025-31644

When running in Appliance mode, a command injection vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command which may allow an authenticated attacker with administrator role privileges to execute arbitrary system commands. A successful exploit can allow the attacke...

CVSS 8.7 · EPSS 0.006
Exploits: 1 · References: 1

CVE
added 2025/05/07 10:4 p.m. · 152 views

CVE-2025-31644

CVE-2025-31644 affects BIG-IP in Appliance mode. An authenticated administrator can exploit command injection via iControl REST and the tmsh shell to execute arbitrary system commands, potentially gaining root access. The advisory K000148591 provides fixes for affected branches: upgrade to BIG-IP...

CVSS 8.7 · AI score 8.8 · EPSS 0.006
Exploits: 1 · References: 1 · Affected Software: 21

Tenable Nessus
added 2025/05/07 12:0 a.m. · 5 views

F5 Networks BIG-IP : Appliance mode BIG-IP iControl REST and tmsh vulnerability (K000148591)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.7 / 16.1.6 / 17.1.2.2. It is, therefore, affected by a vulnerability as referenced in the K000148591 advisory. When running in Appliance mode, a command injection vulnerability exists in an undisclosed iControl RES...

CVSS 8.7 · AI score 7.2 · EPSS 0.006
Exploits: 1 · References: 2

BDU FSTEC
added 2025/02/25 12:0 a.m. · 2 views

A vulnerability in the iControl REST interface of the TMOS Shell configuration tool allows attackers to execute arbitrary commands. This vulnerability relates to the BIG-IP Access Policy Manager, as well as software programs such as BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Application Visibility and Reporting (AVR), BIG-IP Carrier-Grade NAT (CGNAT), BIG-IP DDoS Hybrid Defender, BIG-IP Domain Name System, BIG-IP Edge Gateway, BIG-IP Fraud Protection Service, BIG-IP Global Traffic Manager, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IP Policy Enforcement Manager, BIG-IP SSL Orchestrator, BIG-IP WebAccelerator, and BIG-IP WebSafe.

The vulnerability in the iControl REST interface of the TMOS Shell configuration tool exists due to a lack of measures to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

CVSS 9 · AI score 6.5 · EPSS 0.66177
Exploits: 2 · References: 4 · Affected Software: 19

RedhatCVE
added 2025/02/07 6:2 p.m. · 7 views

CVE-2025-20029

Command injection vulnerability exists in iControl REST and BIG-IP TMOS Shell (tmsh) save command, which may allow an authenticated attacker to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

CVSS 8.8 · AI score 7.5 · EPSS 0.66177
Exploits: 2 · References: 3

NVD
added 2025/02/05 6:15 p.m. · 14 views

CVE-2025-20029

Command injection vulnerability exists in iControl REST and BIG-IP TMOS Shell (tmsh) save command, which may allow an authenticated attacker to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

CVSS 8.8 · EPSS 0.66177
Exploits: 2 · References: 1

CVE
added 2025/02/05 5:31 p.m. · 120 views

CVE-2025-20029

CVE-2025-20029 is a command-injection vulnerability in BIG-IP iControl REST and the tmsh shell. An authenticated user could execute arbitrary system commands, e.g., via a crafted HTTP POST to the iControl REST endpoint /mgmt/tm/util/bash with a JSON payload such as {"command": "id"}, potentially ...

CVSS 8.8 · AI score 8.9 · EPSS 0.66177
Exploits: 2 · References: 1 · Affected Software: 21

CNNVD
added 2025/02/05 12:0 a.m. · 4 views

F5 iControl REST and F5 BIG-IP TMOS Shell operating system command injection vulnerability

F5 iControl REST and F5 BIG-IP TMOS Shell are both products of F5 Corporation, U.S.A. F5 iControl REST is a development framework, and F5 BIG-IP TMOS Shell is a command line. An operating system command injection vulnerability exists in F5 iControl REST and F5 BIG-IP TMOS Shell that stems from th...

CVSS 8.8 · AI score 7.6 · EPSS 0.66177
Exploits: 2 · References: 2

Tenable Nessus
added 2025/02/05 12:0 a.m. · 10 views

F5 Networks BIG-IP : BIG-IP iControl REST and tmsh vulnerability (K000148587)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.6 / 16.1.5.2 / 17.1.2.1. It is, therefore, affected by a vulnerability as referenced in the K000148587 advisory. A command injection vulnerability exists in iControl REST and the BIG-IP TMOS Shell (tmsh), which may...

CVSS 8.8 · AI score 6.5 · EPSS 0.66177
Exploits: 2 · References: 2

F5 Networks
added 2023/10/10 10:28 a.m. · 33 views

K29141800: Multi-blade VIPRION Configuration utility session cookie vulnerability CVE-2023-40537

Security Advisory Description: An authenticated user's session cookie may remain valid for a limited time after logging out from the BIG-IP Configuration utility on a multi-blade VIPRION platform. (CVE-2023-40537) Impact: A remote unauthenticated attacker may be able to reuse, for a limited time, an...

CVSS 8.1 · AI score 8.2 · EPSS 0.00361
Exploits: 0 · Affected Software: 12

Positive Technologies
added 2023/10/10 12:0 a.m. · 2 views

PT-2023-6395 · F5 · Big-Ip

Name of the Vulnerable Software and Affected Versions: BIG-IP (affected versions not specified). Description: The issue concerns an Exposure of Sensitive Information vulnerability existing in an undisclosed BIG-IP TMOS shell (tmsh) command. This vulnerability may allow an authenticated attacker with...

CVSS 4.4 · AI score 4.7 · EPSS 0.00108
Exploits: 0 · References: 6

F5 Networks
added 2023/02/21 8:2 p.m. · 31 views

K21711352: TMOS Shell vulnerability CVE-2019-19151

Security Advisory Description: Authenticated users granted TMOS Shell (tmsh) privileges can access objects on the file system, which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to access objects on the file system, which would not normal...

CVSS 5.5 · AI score 4.7 · EPSS 0.00184
Exploits: 0 · Affected Software: 16

F5 Networks
added 2023/02/21 7:1 p.m. · 21 views

K00091341: TMOS Shell privilege escalation vulnerability CVE-2020-5907

Security Advisory Description: An authorized user provided with access only to the TMOS Shell (tmsh) may be able to conduct arbitrary file read/writes via the built-in sftp functionality. (CVE-2020-5907) Impact: A malicious actor who has gained access to a restricted account with tmsh access for exampl...

CVSS 7.2 · AI score 7.3 · EPSS 0.00358
Exploits: 0 · Affected Software: 11

F5 Networks
added 2023/02/21 6:59 p.m. · 39 views

K51444934: NTP vulnerability CVE-2016-7426

Security Advisory Description: NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote attackers to cause a denial of service (prevent responses from the sources) by sending responses with a spoofed source...

CVSS 7.5 · AI score 6.4 · EPSS 0.11683
Exploits: 0 · Affected Software: 12

F5 Networks
added 2023/02/21 6:59 p.m. · 24 views

K37442533: TMOS Shell vulnerability CVE-2018-5516

Security Advisory Description: Authenticated users granted TMOS Shell (tmsh) access can access objects on the file system which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to exfiltrate objects on the file system which should not be...

CVSS 4.7 · AI score 4.7 · EPSS 0.00115
Exploits: 0 · Affected Software: 18

F5 Networks
added 2023/02/21 6:46 p.m. · 37 views

K02043709: Appliance mode tmsh access vulnerability CVE-2018-5520

Security Advisory Description: On a BIG-IP system configured in Appliance mode, the TMOS Shell (tmsh) may allow an administrative user to use the dig utility to gain unauthorized access to file system resources. (CVE-2018-5520) Note: Appliance mode is designed to meet the needs of customers in...

CVSS 4.4 · AI score 4.8 · EPSS 0.00189
Exploits: 0 · Affected Software: 13

F5 Networks
added 2023/02/21 6:45 p.m. · 56 views

K39604784: BIG-IP system incorrectly forwards VLAN-tagged frames with STP at Pass Through mode

Security Advisory Description: The BIG-IP system incorrectly forwards VLAN-tagged frames, even if the VLAN is not defined on the ingress interface, when Spanning Tree Protocol (STP) is set to Pass Through mode. Note: The following BIG-IP platforms are not affected: BIG-IP 2000s/2200s BIG-IP...

AI score 6.8
Exploits: 0

F5 Networks
added 2023/02/21 6:35 p.m. · 44 views

K36942191: Advanced WAF and BIG-IP ASM MySQL database vulnerability CVE-2021-23053

Security Advisory Description: When the brute force protection feature of ASM/Adv WAF is enabled on a virtual server and the virtual server is under brute force attack, the MySQL database may run out of disk space due to lack of row limit on undisclosed tables in the MySQL database. (CVE-2021-23053)...

CVSS 5.3 · AI score 5.2 · EPSS 0.00628
Exploits: 0 · Affected Software: 2

F5 Networks
added 2023/02/21 6:34 p.m. · 25 views

K73522927: BIG-IP Appliance mode vulnerability CVE-2019-6633

Security Advisory Description: When the BIG-IP system is licensed with Appliance mode, user accounts with Administrator and Resource Administrator roles can bypass Appliance mode restrictions. (CVE-2019-6633) Impact: This vulnerability allows the attacker to exploit the system with high-level...

CVSS 4.4 · AI score 4.9 · EPSS 0.00115
Exploits: 0 · Affected Software: 13

F5 Networks
added 2023/02/21 6:15 p.m. · 58 views

K31301245: TMUI CSRF vulnerability CVE-2020-5904

Security Advisory Description: A cross-site request forgery (CSRF) vulnerability in the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, exists in an undisclosed page. (CVE-2020-5904) Impact: An attacker may be able to use the session of an administrator user to...

CVSS 8.8 · AI score 8.5 · EPSS 0.00279
Exploits: 0 · Affected Software: 11