F5.BIG-IP.iControl.REST.Interface.Remote.Command.Execution

Description

This indicates an attack attempt to exploit a Code Injection Vulnerability in F5 iControl REST interface.
The vulnerability is due to an insufficient input validation error when the vulnerable module handles a crafted HTTP request. A remote attacker could exploit this to execute arbitrary code within the context of target application, via a crafted HTTP request.

Outbreak Alert

The 2 most critical vulnerabilities allow a remote attacker with access to the user interface (or REST API via the user interface) to gain full control of the system and execute arbitrary system commands, create or delete files, and disable services. The most critical is unauthenticated. Exploitation can lead to complete system compromise. The U.S. Cybersecurity and Infrastructure Agency (CISA) has urged companies using BIG-IP and BIG-IQ to fix the critical F5 flaws.

View the full Outbreak Alert Report

Affected Products

BIG-IP 16.0.0 - 16.0.1
BIG-IP 15.1.0 - 15.1.2
BIG-IP 14.1.0 - 14.1.3
BIG-IP 13.1.0 - 13.1.3
BIG-IP 12.1.0 - 12.1.5

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://support.f5.com/csp/article/K03009991