Security News > 2024 > May > Critical F5 Central Manager Vulnerabilities Allow Enable Full Device Takeover
2024-05-09 06:11
Two security vulnerabilities have been discovered in F5 Next Central Manager that could be exploited by a threat actor to seize control of the devices and create hidden rogue administrator accounts for persistence. The remotely exploitable flaws "can give attackers full administrative control of the device, and subsequently allow attackers to create accounts on any F5 assets managed by the Next
News URL
https://thehackernews.com/2024/05/critical-f5-central-manager.html
Related news
- Netgear warns users to patch critical WiFi router vulnerabilities (source)
- Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc (source)
- GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks (source)
- GitLab patches critical authentication bypass vulnerabilities (source)
- New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking (source)
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)
- Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover (source)
- OpenAI now pays researchers $100,000 for critical vulnerabilities (source)