Researchers Discovered High-Severity Remote Code Execution Bug in F5 Products

17 November 2022

Experts from Rapid7 observed a customized CentOS installation operating on F5 BIG-IP and BIG-IQ devices found to have various vulnerabilities. While the other flaws are security bypass methods that F5 does not consider vulnerabilities, two of the vulnerabilities have been categorized as high-severity remote code execution vulnerabilities and given CVE IDs. Vulnerabilities Discovered The first high-severity flaw is tracked as (CVE-2022-41622) is an unauthenticated remote code execution via cross-site request forgery (CSRF) that impacts BIG-IP and BIG-IQ products.

Read full article on GBHackers

Date:

17 November 2022

Categorie(s):

NEWS

Tag(s):

F5, Products, Remote Code Execution, Security Pro, Vulnerability

Data Security – How Safe Is Data In Our Technology Driven World?20 April 2024
Win 95, LastPass, Kubernetes, Sandworm, Bloomtech, Frontier, 911, Aaran Leyland… – SWN #37919 April 2024
5.3M World-Check records may be leaked; how to check your records19 April 2024
Sacramento airport goes no-fly after AT&T internet cable snipped19 April 2024
Active adversary report: Ransomware hit a ceiling, but security teams at risk for more pain19 April 2024