Security News > 2024 > May > F5 fixes BIG-IP Next Central Manager flaws with public PoCs (CVE-2024-21793, CVE-2024-26026)

F5 fixes BIG-IP Next Central Manager flaws with public PoCs (CVE-2024-21793, CVE-2024-26026)
2024-05-09 13:56

Eclypsium researchers have published details and PoC exploits for two remotely exploitable injection vulnerabilities affecting F5's BIG-IP Next Central Manager.

BIG-IP Next Central Manager allows users to centrally control their BIG-IP Next instances and services.

CVE-2024-21793 and CVE-2024-26026 - both injection vulnerabilities that may allow attackers to execute malicious SQL statements through the BIG-IP NEXT Central Manager API - have been found by researcher Vladyslav Babkin.

The PoCs Eclypsium shared for the two CVE-numbered flaws may allow attackers attackers to grab admin's password hash.

"The management console of the Central Manager can be remotely exploited by any attacker able to access the administrative UI via CVE 2024-21793 or CVE 2024-26026. This would result in full administrative control of the manager itself," the researchers explained.

"Attackers can then take advantage of the other vulnerabilities to create new accounts on any BIG-IP Next asset managed by the Central Manager. Notably, these new malicious accounts would not be visible from the Central Manager itself."


News URL

https://www.helpnetsecurity.com/2024/05/09/cve-2024-21793-cve-2024-26026/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
F5 143 6 276 404 64 750