Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
On F5 BIG-IP AFM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, an authenticated attacker with high privileges can upload a maliciously crafted file to the BIG-IP AFM Configuration utility, which allows an attacker to run arbitrary commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
输入验证不恰当
Vulnerability Title
F5 BIG-IP AFM 代码问题漏洞
Vulnerability Description
F5 BIG-IP AFM是美国F5公司的一款用于防护DDos攻击的高级防火墙产品。 F5 BIG-IP AFM存在代码问题漏洞。攻击者利用该漏洞可通过Configuration Utility上传恶意文件,例如上传特洛伊木马(Trojan)。
CVSS Information
N/A
Vulnerability Type
N/A