F5 Patches High-Severity Vulnerabilities in BIG-IP, NGINX Plus

August 20, 2024 at 07:18AM In August 2024, F5 released patches for nine vulnerabilities, including high-severity flaws in BIG-IP and NGINX Plus. The most severe issue, CVE-2024-39809, impacts BIG-IP Next Central Manager, allowing attackers to access systems after user logout. F5 also addressed CVE-2024-39778, CVE-2024-39792, and CVE-2024-41727, as well as five medium-severity flaws. Mitigation actions … Read more

2 (or 5) Bugs in F5 Asset Manager Allow Full Takeover, Hidden Accounts

May 9, 2024 at 05:16PM Newly discovered vulnerabilities in F5 Networks’ BIG-IP Next Central Manager could allow attackers to gain full control and create hidden accounts in F5-brand assets. These vulnerabilities have been assigned CVEs and patched by the vendor. Additional bugs affecting the Central Manager still pose threats, allowing attackers to wreak havoc despite … Read more

F5 Patches Dangerous Vulnerabilities in BIG-IP Next Central Manager

May 9, 2024 at 07:09AM F5 announced patches for its BIG-IP Next Central Manager to fix five vulnerabilities allowing complete device control. Eclypsium found the vulnerabilities but only two have CVE identifiers. One patched vulnerability is high severity, enabling unauthenticated attackers to execute malicious SQL statements. F5 states no impact beyond Next Central Manager. Eclypsium … Read more

New BIG-IP Next Central Manager bugs allow device takeover

May 8, 2024 at 03:55PM F5 has addressed two critical vulnerabilities in BIG-IP Next Central Manager, allowing attackers to gain admin control and create hidden rogue accounts. Exploiting SQL and OData injection flaws, unauthenticated attackers could execute malicious code remotely. Despite a temporary mitigation, F5 urges immediate patching or access restriction. There’s currently no evidence … Read more

Critical vulnerability in F5 BIG-IP under active exploitation

November 1, 2023 at 12:30PM Cybersecurity company F5’s BIG-IP suite has been found to have vulnerabilities that are already being exploited after proof of concept code was shared online. F5 confirmed evidence of active exploitation just days after limited-detail research was published. The vulnerabilities include an Apache JServ Protocol smuggling vulnerability and an SQL injection … Read more

Hackers exploit recent F5 BIG-IP flaws in stealthy attacks

November 1, 2023 at 10:54AM F5 is warning administrators of their BIG-IP devices about skilled hackers exploiting recently disclosed vulnerabilities. These hackers erase signs of their access and achieve stealthy code execution. Two critical vulnerabilities were identified, and F5 has urged admins to apply available security updates. The vulnerabilities allow for authentication bypass and SQL … Read more

Alert: F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability

November 1, 2023 at 02:11AM F5 has warned of active exploitation of a critical security flaw in BIG-IP, allowing attackers to execute arbitrary system commands. The vulnerability, tracked as CVE-2023-46747, affects several versions of the software. Additionally, F5 has observed threat actors using this vulnerability in conjunction with CVE-2023-46748, an authenticated SQL injection flaw. Users … Read more

Attackers Exploiting Critical F5 BIG-IP Vulnerability

October 31, 2023 at 11:51AM Hackers are actively exploiting a critical vulnerability in F5’s BIG-IP product, just five days after its disclosure. The flaw allows for remote code execution and unauthorized access. F5 has released hotfixes and is urging customers to install them immediately. Attackers are also exploiting another vulnerability in BIG-IP’s configuration utility. F5 … Read more

F5 Warns of Critical Remote Code Execution Vulnerability in BIG-IP

October 27, 2023 at 10:43AM F5 has issued a warning to customers about a critical vulnerability in its BIG-IP product. The vulnerability, tracked as CVE-2023-46747, allows an unauthenticated attacker to remotely execute arbitrary code. The flaw is closely related to a request smuggling issue in the Apache HTTP Server and can be exploited to gain … Read more