all InfoSec news
CVE-2023-46747 : Unauthenticated Remote Code Execution in F5 BIG-IP
Malware Analysis, News and Indicators - Latest topics malware.news
On 26th October, 2023 F5 released a security advisory about a critical unauthenticated remote code execution vulnerability, CVE-2023-46747, in F5’s BIG-IP configuration utility. This vulnerability could allow unauthenticated attackers with network access to the BIG-IP system through the management port, to execute arbitrary system commands. As part of the patch release, F5 also patched a high severity authenticated SQL injection vulnerability CVE-2023-46748 affecting the same product. F5 have observed threat actors are exploiting CVE-2023-46747 together with CVE-2023-46748 as part of …
access advisory attackers big big-ip code code execution configuration critical cve cve-2023-46747 malware analysis management network network access october patch patch release port release remote code remote code execution security security advisory system unauthenticated utility vulnerability