Vulnerability feed

Vulnerability

CVE-2023-46747

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2023-46747
Description:: Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Last updated date:: 02/13/2025

Reports

alt

ACTIVELY EXPLOITED

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 10/31/2023
Reference url to background: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Type:: exploit
Confidence:: HIGH
Date of publishing:: 11/01/2023
Reference url to background: https://github.com/W01fh4cker/CVE-2023-46747-RCE

Type:: exploit
Confidence:: HIGH
Date of publishing:: 11/02/2023
Reference url to background: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/f5_bigip_tmui_rce_cve_2023_46747.rb

Type:: exploit
Confidence:: HIGH
Date of publishing:: 11/02/2023
Reference url to background: https://github.com/nvansluis/test_cve-2023-46747

Type:: exploit
Confidence:: HIGH
Date of publishing:: 11/03/2023
Reference url to background: https://github.com/RevoltSecurities/CVE-2023-46747

Type:: exploit
Confidence:: HIGH
Date of publishing:: 02/01/2024
Reference url to background: https://www.secpod.com/blog/f5-issues-warning-big-ip-vulnerability-used-in-active-exploit-chain/

Type:: exploit
Confidence:: HIGH
Date of publishing:: 10/22/2024
Reference url to background: https://github.com/Rizzler4562/CVE-2023-46747-Mass-RCE

Type:: exploit
Confidence:: HIGH
Date of publishing:: 01/27/2025
Reference url to background: http://packetstormsecurity.com/files/175673/F5-BIG-IP-TMUI-AJP-Smuggling-Remote-Command-Execution.html

Vulnerability Feed Contributors About Blog

@inTheWild

©2025 |