Lucene search
K

10 matches found

Packet Storm
Packet Storm
added 2023/02/03 12:0 a.m.295 views

F5 Big-IP Create Administrative User

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'unixcrypt' class MetasploitModule 'F5 Big-IP Create Admin User', 'Description' = %q This creates a local user with a username/password and root-level privileges...

8.8CVSS0.87987EPSS
Exploits9
F5 Networks
F5 Networks
added 2023/01/06 2:40 a.m.76 views

K94221585: iControl SOAP vulnerability CVE-2022-41622

Security Advisory Description BIG-IP and BIG-IQ are vulnerable to cross-site request forgery CSRF attacks through iControl SOAP. CVE-2022-41622 Impact An attacker may trick users who have at least resource administrator role privilege and are authenticated through basic authentication in iControl...

8.8CVSS9.3AI score0.87987EPSS
Exploits7Affected Software14
Vulnrichment
Vulnrichment
added 2022/12/07 3:8 a.m.10 views

CVE-2022-41622 iControl SOAP vulnerability

In all versions, BIG-IP and BIG-IQ are vulnerable to cross-site request forgery CSRF attacks through iControl SOAP. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.8CVSS8.8AI score0.87987EPSS
Exploits7References1
CVE
CVE
added 2022/12/07 3:8 a.m.360 views

CVE-2022-41622

CVE-2022-41622 is a cross-site request forgery (CSRF) vulnerability in iControl SOAP affecting BIG-IP and BIG-IQ. An authenticated user with resource administrator privileges can trick the user into performing actions on the control plane. Affected versions include BIG-IP (17.x up to 17.0.0.2; 16...

8.8CVSS8.7AI score0.87987EPSS
In wildExploits7References1Affected Software1
Check Point Advisories
Check Point Advisories
added 2022/11/23 12:0 a.m.10 views

F5 Big-IP Cross-Site Request Forgery (CVE-2022-41622)

A cross-site request forgery vulnerability exists in F5 Big-IP. Successful exploitation of this vulnerability could result in code execution on the affected system...

3.5AI score0.87987EPSS
Exploits7
hivepro
hivepro
added 2022/11/18 8:42 a.m.52 views

RCE flaw in F5 BIG-IP and BIG-IQ

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Two security flaws in F5 BIG-IP and BIG-IQ can be exploited to enable remote code execution. An adversary could get persistent root access to the devices management interface by successfully...

3.5AI score0.87987EPSS
Exploits7
Circl
Circl
added 2022/11/17 12:36 p.m.33 views

CVE-2022-41622

creationtimestamp| type| source ---|---|--- 2022-11-17 12:36:05+00:00| seen| https://t.me/truesecator/3718 2022-11-17 21:29:01+00:00| seen| https://t.me/MrVGunz/589 2022-11-18 11:01:55+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/7195 2022-11-18 22:42:50+00:00| seen|...

8.8CVSS7.5AI score0.87987EPSS
Exploits7References9
The Hacker News
The Hacker News
added 2022/11/17 6:58 a.m.73 views

High Severity Vulnerabilities Reported in F5 BIG-IP and BIG-IQ Devices

Multiple security vulnerabilities have been disclosed in F5 BIG-IP and BIG-IQ devices that, if successfully exploited, to completely compromise affected systems. Cybersecurity firm Rapid7 said the flaws could be abused to remote access to the devices and defeat security constraints. The issues...

2.5AI score0.87987EPSS
Exploits9
Rapid7 Blog
Rapid7 Blog
added 2022/11/16 3:0 p.m.118 views

CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures

Rapid7 discovered several vulnerabilities and exposures in F5 BIG-IP and BIG-IQ devices running a customized distribution of CentOS detailed in F5's Base Operating Systems support article. The affected products are detailed in the vendor advisories below: CVE-2022-41622: BIG-IP and BIG-IQ are...

10AI score0.87987EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2022/11/16 12:0 a.m.90 views

F5 Networks BIG-IP : iControl SOAP vulnerability (K94221585)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.3 / 15.1.8.1 / 16.1.3.3 / 17.0.0.2 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K94221585 advisory. BIG-IP and BIG-IQ are vulnerable to cross-site request forgery CSRF attacks through...

8.8CVSS8.1AI score0.87987EPSS
Exploits7References2
Rows per page
Query Builder