Malware Devil

Loading...

Thursday, March 11, 2021

Critical Vulnerabilities Affecting F5 Devices (CERT-EU Security Advisory 2021-015)

On the 10th or March 2021, F5 released several security advisories, including four identified as critical.
One of the vulnerabilities allows an unauthenticated attacker with network access to the iControl REST interface, through the BIG-IP management interface and self IP addresses, to execute arbitrary system commands, create or delete files, and disable services.
Another of the vulnerabilities may allow either a bypass of URL-based access control or remote code execution (RCE) if a request is incorrectly handled by Traffic Management Microkernel (TMM) URI normalisation.
No public proof of concept is available yet.
Read More

The post Critical Vulnerabilities Affecting F5 Devices (CERT-EU Security Advisory 2021-015) appeared first on Malware Devil.



https://malwaredevil.com/2021/03/11/critical-vulnerabilities-affecting-f5-devices-cert-eu-security-advisory-2021-015/?utm_source=rss&utm_medium=rss&utm_campaign=critical-vulnerabilities-affecting-f5-devices-cert-eu-security-advisory-2021-015
at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Barbary Pirates and Russian Cybercrime

In 1801, the United States had a small Navy. Thomas Jefferson deployed almost half that Navy—three frigates and a schooner—to the Barbary C...