Security News > 2024 > May > F5 fixes BIG-IP Next Central Manager flaws with public PoCs (CVE-2024-21793, CVE-2024-26026)
Eclypsium researchers have published details and PoC exploits for two remotely exploitable injection vulnerabilities affecting F5's BIG-IP Next Central Manager.
BIG-IP Next Central Manager allows users to centrally control their BIG-IP Next instances and services.
CVE-2024-21793 and CVE-2024-26026 - both injection vulnerabilities that may allow attackers to execute malicious SQL statements through the BIG-IP NEXT Central Manager API - have been found by researcher Vladyslav Babkin.
The PoCs Eclypsium shared for the two CVE-numbered flaws may allow attackers attackers to grab admin's password hash.
"The management console of the Central Manager can be remotely exploited by any attacker able to access the administrative UI via CVE 2024-21793 or CVE 2024-26026. This would result in full administrative control of the manager itself," the researchers explained.
"Attackers can then take advantage of the other vulnerabilities to create new accounts on any BIG-IP Next asset managed by the Central Manager. Notably, these new malicious accounts would not be visible from the Central Manager itself."
News URL
https://www.helpnetsecurity.com/2024/05/09/cve-2024-21793-cve-2024-26026/
Related news
- New BIG-IP Next Central Manager bugs allow device takeover (source)
- PoC exploit for Ivanti EPMM privilege escalation flaw released (CVE 2024-22026) (source)
- 15 QNAP NAS bugs and one PoC disclosed, update ASAP! (CVE-2024-27130) (source)
- PoC exploits for critical FortiSIEM command execution flaws released (CVE-2024-23108, CVE-2023-34992) (source)
- High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683) (source)
- PoC for Progress Telerik RCE chain released (CVE-2024-4358, CVE-2024-1800) (source)
- Hackers use F5 BIG-IP malware to stealthily steal data for years (source)
- PoC exploit for critical Fortra FileCatalyst flaw published (CVE-2024-5276) (source)