CVE-2023-46747

CRITICAL9.8

CISA KEVRansomwarePublic PoCHigh EPSS

Description

Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

F5 / BIG-IP17.1.0 – *
F5 / BIG-IP16.1.0 – *
F5 / BIG-IP15.1.0 – *
F5 / BIG-IP14.1.0 – *
F5 / BIG-IP13.1.0 – *

Exploits & PoCs

nucleiF5 BIG-IP - Unauthenticated RCE via AJP Smugglingby iamnoooob,rootxharsh,pdresearch

References

MISChttps://my.f5.com/manage/s/article/K000137353
EXPLOIThttp://packetstormsecurity.com/files/175673/F5-BIG-IP-TMUI-AJP-Smuggling-Remote-Command-Execution.html
MISChttps://www.secpod.com/blog/f5-issues-warning-big-ip-vulnerability-used-in-active-exploit-chain/