F5 has patched two vulnerabilities (CVE-2024-26026 and CVE-2024-21793) in its BIG-IP Next Central Manager console that can grant full admin control of the target application.
The critical-severity, unauthenticated remote code execution flaw exists in several versions of the F5 BIG-IP security appliances.
A new vulnerability has emerged in the F5 BIG-IP security appliances that can allow an attacker to crash the device.
Rapid7 researchers discovered two code execution flaws in several versions of the F5 BIG-IP appliances.
F5 has patched more than 20 vulnerabilities in BIG-IP, including one that an attacker could use to take complete control of a target appliance.