{"uuid": "a952369e-3e63-42fc-990d-c716ace9bcad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26377", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11842", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Zero-Day: CVE-2023-46747 (Score 9.8); an unauthenticated remote code execution vulnerability via a side-channel from the management interface (Traffic Management User Interface (TMUI) and is closely related to CVE-2022-26377 which is a HTTP request smuggling vulnerability).\n\nF5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution by running arbitrary commands. This only affects the control plane and not the data plane.\n\nApparently, at the management console; sending requests to the \u201cbackend\u201d service that assumes the \u201cfrontend\u201d handled authentication is leading to this issue using HRS.\n\nTrack this issue at: http://ckure.esy.es/archives/13495\n\nhttps://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/\n\nhttps://my.f5.com/manage/s/article/K000137353\n\nhttps://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html", "creation_timestamp": "2023-10-27T19:50:20.000000Z"}