139 matches found
EUVD-2018-7200
Malware in sbrugna...
EUVD-2018-7203
Malware in sbrugna...
EUVD-2018-7199
Malware in sbrugna...
EUVD-2020-20229
Malware in sbrugna...
EUVD-2019-16175
Malware in sbrugna...
EUVD-2023-44131
Malicious code in bioql PyPI...
CVE-2020-5858
On BIG-IP 15.0.0-15.0.1.2, 14.1.0-14.1.2.2, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, users with non-administrator roles for example, Guest or Resource Administrator with tmsh shell access can execute arbitrary commands with elevated...
CVE-2020-27725
In version 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 of BIG-IP DNS, GTM, and Link Controller, zxfrd leaks memory when listing DNS zones. Zones can be listed via TMSH, iControl or SNMP; only users with access to those services can trigger this...
CVE-2025-31644
When running in Appliance mode, a command injection vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell tmsh command which may allow an authenticated attacker with administrator role privileges to execute arbitrary system commands. A successful exploit can allow the attacke...
CVE-2025-31644
When running in Appliance mode, a command injection vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell tmsh command which may allow an authenticated attacker with administrator role privileges to execute arbitrary system commands. A successful exploit can allow the attacke...
CVE-2025-31644 Appliance mode BIG-IP iControl REST and tmsh vulnerability
When running in Appliance mode, a command injection vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell tmsh command which may allow an authenticated attacker with administrator role privileges to execute arbitrary system commands. A successful exploit can allow the attacke...
Exploit for CVE-2025-20029
CVE-2025-20029: Command Injection in TMSH CLI in F5 BIG-IP A...
CVE-2025-20029 BIG-IP iControl REST and tmsh vulnerability
Command injection vulnerability exists in iControl REST and BIG-IP TMOS Shell tmsh save command, which may allow an authenticated attacker to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-20029 BIG-IP iControl REST and tmsh vulnerability
Command injection vulnerability exists in iControl REST and BIG-IP TMOS Shell tmsh save command, which may allow an authenticated attacker to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
K000148587: BIG-IP iControl REST and tmsh vulnerability CVE-2025-20029
Security Advisory Description A command injection vulnerability exists in iControl REST and the BIG-IP TMOS Shell tmsh, which may allow an authenticated attacker to execute arbitrary system commands. CVE-2025-20029 Impact An authenticated attacker may exploit this vulnerability by sending a craft...
CVE-2023-45219
Exposure of Sensitive Information vulnerability exist in an undisclosed BIG-IP TMOS shell tmsh command which may allow an authenticated attacker with resource administrator role privileges to view sensitive information. Note: Software versions which have reached End of Technical Support EoTS are...
CVE-2023-45219 BIG-IP tmsh vulnerability
Exposure of Sensitive Information vulnerability exist in an undisclosed BIG-IP TMOS shell tmsh command which may allow an authenticated attacker with resource administrator role privileges to view sensitive information. Note: Software versions which have reached End of Technical Support EoTS are...
CVE-2023-45219
CVE-2023-45219 is a BIG-IP tmsh information disclosure vulnerability. An authenticated user with resource administrator privileges can view sensitive information via an undisclosed tmsh command. Affected versions: BIG-IP (all modules) 16.1.0–16.1.3, 15.1.0–15.1.8, 14.1.0–14.1.5. Fixes: 16.1.4 (16...
CVE-2023-45219 BIG-IP tmsh vulnerability
Exposure of Sensitive Information vulnerability exist in an undisclosed BIG-IP TMOS shell tmsh command which may allow an authenticated attacker with resource administrator role privileges to view sensitive information. Note: Software versions which have reached End of Technical Support EoTS are...
CVE-2023-3470
Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password for the Crypto User account. The predictable nature of the password allows an authenticated user with TMSH access to the BIG-IP system, or anyone with physical access to the FIPS HSM, the information...