F5 BIG-IP iControl REST and tmsh Vulnerability Allowing Privilege Escalation

Vulnerability

A vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command, potentially allowing an authenticated attacker holding at least the resource administrator role to execute arbitrary system commands with elevated privileges. Successful exploitation could let the attacker bypass Appliance mode security on BIG-IP systems, run commands with higher privileges, and manipulate files through the BIG-IP management port or self IP addresses. The issue is confined to the control plane; there is no data plane exposure.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of system commands with elevated privileges, allowing for file creation or deletion through the BIG-IP management port or self IP addresses. On systems with Appliance mode enabled, this vulnerability could bypass Appliance mode security, granting the attacker additional privileges.

Remediation

Users can upgrade to BIG-IP versions 17.5.1.3, 17.1.3, 16.1.6.1, or 15.1.10.8. For more information about managing BIG-IP product hotfixes, refer to the F5 article K13123.
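As an added example (not part of the advisory or of any F5 tooling), a small Python helper that classifies a deployed BIG-IP version against the fixed releases listed above, so an inventory can be triaged before patching. It assumes that each listed release and any later release on the same major.minor branch carries the fix, that a build suffix after a hyphen can be ignored, and that branches not listed here cannot be judged from this page.

```python
# Added example: triage BIG-IP versions against the fixed releases named in the advisory.
# Assumption: the fix is present in the listed release and in every later release on the
# same major.minor branch; other branches are reported as unknown rather than guessed.

FIXED_VERSIONS = ("17.5.1.3", "17.1.3", "16.1.6.1", "15.1.10.8")


def parse_version(version: str) -> tuple:
    """Turn '17.1.1.3' (optionally with a '-build' suffix) into a comparable int tuple."""
    core = version.strip().split("-")[0]          # drop any build suffix (assumption)
    parts = core.split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable BIG-IP version: {version!r}")
    return tuple(int(p) for p in parts)


def branch_of(parsed: tuple) -> tuple:
    """The major.minor branch, e.g. (17, 5) for 17.5.1.3."""
    return parsed[:2]


# Map each branch to the first release on that branch that contains the fix.
FIX_BY_BRANCH = {branch_of(parse_version(v)): parse_version(v) for v in FIXED_VERSIONS}


def assess(version: str) -> str:
    """Return 'fixed', 'vulnerable' or 'unknown-branch' for one version string."""
    parsed = parse_version(version)
    fix = FIX_BY_BRANCH.get(branch_of(parsed))
    if fix is None:
        return "unknown-branch"
    # Tuple comparison handles differing lengths: (17, 5, 1) < (17, 5, 1, 3).
    return "fixed" if parsed >= fix else "vulnerable"


def triage(inventory: dict) -> dict:
    """Classify a {hostname: version} inventory; returns {hostname: status}."""
    return {host: assess(ver) for host, ver in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory (not real hosts or observed versions).
    sample = {"bigip-a": "17.5.1.2", "bigip-b": "17.1.3", "bigip-c": "16.1.6-0.0.1",
              "bigip-d": "15.1.10.8", "bigip-e": "14.1.5"}
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```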

Added: Oct 15, 2025, 2:25 PM
Updated: Oct 15, 2025, 2:25 PM

Vulnerability Rating

Custom Algorithm scores:
spread: 6.4
impact: 7.5
exploitability: 5.4
remediation: 7.9
relevance: 0.8
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.