674 matches found
K000158029: iControl REST vulnerability CVE-2026-20916
Security Advisory Description An authenticated iControl REST user with low privileges can create or modify arbitrary files through an undisclosed iControl REST endpoint on the BIG-IQ system. CVE-2026-20916 Impact An authenticated attacker with low privileges can exploit this vulnerability remotel...
K000160788: iControl REST and tmsh vulnerability CVE-2026-40061
Security Advisory Description When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell tmsh command that may allow an authenticated attacker with the Resource Administrator or Administrator role to execute arbitrary system commands with higher...
K000160981: iControl REST and tmsh vulnerability CVE-2026-40698
Security Advisory Description A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can create SNMP configuration objects through iControl REST or the TMOS shell tmsh resulting in privilege escalation...
K000160903: iControl REST vulnerability CVE-2026-42058
Security Advisory Description An authenticated attacker's undisclosed requests to BIG-IP iControl REST can lead to an information leak of BIG-IP local user account names. CVE-2026-42058 Impact This vulnerability allows for a remote authenticated attacker with network access to the iControl REST...
K000160916: iControl REST vulnerability CVE-2026-41225
Security Advisory Description A vulnerability exists in iControl REST where a highly privileged, authenticated attacker with at least the Manager role can create configuration objects that allow running arbitrary commands. CVE-2026-41225 Impact This vulnerability may allow a highly privileged...
K000160979: BIG-IP iControl SOAP vulnerability CVE-2026-40631
Security Advisory Description An authenticated attacker with the Resource Administrator or Administrator role can modify configuration objects through iControl SOAP resulting in privilege escalation. CVE-2026-40631 Impact This vulnerability may allow a remote, authenticated attacker with Resource...
K000160926: BIG-IP iControl SOAP vulnerability CVE-2026-42924
Security Advisory Description An authenticated attacker with the Resource Administrator or Administrator role can create SNMP configuration objects through iControl SOAP resulting in privilege escalation. CVE-2026-42924 Impact This vulnerability may allow a remote, authenticated attacker with...
K000160911: Appliance mode iControl REST vulnerability CVE-2026-24464
Security Advisory Description When running in Appliance mode, a directory traversal vulnerability exists in an undisclosed iControl REST endpoint that may allow an authenticated attacker with administrator role privileges to cross a security boundary and delete files. CVE-2026-24464 Impact In...
K000160876: Appliance mode iControl REST vulnerability CVE-2026-42930
Security Advisory Description When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions on a BIG-IP system. CVE-2026-42930 Impact An authenticated attacker with local system access and the Administrator role may be...
F5 BIG-IP和F5 BIG-IQ 安全漏洞
F5 BIG-IP and F5 BIG-IQ are both products from the American company F5. F5 BIG-IP is an application delivery platform that integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IQ is a software-based cloud management solution. This...
PT-2026-40653
Name of the Vulnerable Software and Affected Versions BIG-IP versions prior to 17.1.3.2 BIG-IP versions prior to 17.5.1.6 BIG-IP versions prior to 21.0.0.2 BIG-IQ versions prior to 17.1.3.2 BIG-IQ versions prior to 17.5.1.6 BIG-IQ versions prior to 21.0.0.2 Description A privilege escalation issu...
PT-2026-40638
Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.2 F5 BIG-IP versions prior to 17.5.1.6 F5 BIG-IP versions prior to 21.0.0.2 Description When running in Appliance mode, an authenticated remote command injection exists in an undisclosed iControl REST endpoin...
PT-2026-40642
Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.2 F5 BIG-IP versions prior to 17.5.1.6 F5 BIG-IP versions prior to 21.0.0.2 Description A least privilege violation exists in iControl REST and the TMOS Shell tmsh. A highly privileged, authenticated attacker...
PT-2026-40632
Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.2 F5 BIG-IP versions prior to 17.5.1.6 F5 BIG-IP versions prior to 21.0.0.2 Description When running in Appliance mode, a directory traversal issue exists in an undisclosed iControl REST endpoint. This allows...
F5 BIG-IP 操作系统命令注入漏洞
F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IP has a vulnerability related to operating system command injection. This...
F5 BIG-IP 安全漏洞
F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IP has a security vulnerability, which stems from a directory traversal...
PT-2026-40668
Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.2 F5 BIG-IP versions prior to 17.5.1.6 F5 BIG-IP versions prior to 21.0.0.2 Description An authenticated attacker with the Resource Administrator or Administrator role can download sensitive files via iContro...
PT-2026-40649
Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.1 F5 BIG-IP versions prior to 17.5.1.4 F5 BIG-IP versions prior to 21.0.0.1 Description Incorrect permission assignment issues exist in iControl REST and an undisclosed command within the TMOS shell tmsh. The...
F5 BIG-IQ 路径遍历漏洞
F5 BIG-IQ is a software-based cloud management solution developed by F5 Corporation in the United States. This solution supports the delivery of applications and network services across public and private clouds, traditional data centers, and hybrid environments. F5 BIG-IQ has a path traversal...
PT-2026-40652
Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.2 F5 BIG-IP versions prior to 17.5.1.6 F5 BIG-IP versions prior to 21.0.0.2 Description An authenticated attacker with the Resource Administrator or Administrator role can modify configuration objects through...