4 matches found
F5 BIG-IP 操作系统命令注入漏洞
F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IP has a vulnerability related to operating system command injection. This...
CVE-2025-61958
CVE-2025-61958 is an iHealth TMOS Shell (tmsh) privilege-bypass vulnerability in BIG-IP. An authenticated user with at least Resource Administrator privileges can bypass tmsh restrictions and gain Advanced Shell (bash) access, potentially crossing Appliance mode boundaries. F5 provides fixes in m...
CVE-2025-23239
When running in Appliance mode, and logged into a highly-privileged role, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached E...
CVE-2025-23239
When running in Appliance mode, and logged into a highly-privileged role, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached E...