CVE-2023-46747

Description

Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

F5 Networks
Severity: CRITICAL
CVE ID: CVE-2023-46747
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Refrence: NVD MITRE

Proof Of Concept

Nuclei Templates for CVE-2023-46747

Refrence: Project Discovery GitHub

bijaysenihang

CVE-2023-46747 (F5 BIG-IP) RCE

Refrence: GitHub

W01fh4cker

exploit for f5-big-ip RCE cve-2023-46747

Refrence: GitHub

fu2x2000

CVE-2023-46747 Criticle Auth Bypass

Refrence: GitHub

maniak-academy

Refrence: GitHub

y4v4z

Refrence: GitHub

nvansluis

Refrence: GitHub

RevoltSecurities

An Exploitation script developed to exploit the CVE-2023-46747 which Pre Auth Remote Code Execution of f5-BIG Ip producs

Refrence: GitHub

vidura2

Refrence: GitHub

rainbowhatrkn

exploit for f5-big-ip RCE cve-2023-46747

Refrence: GitHub

Content on GitHub

AliBrTab | watchers:9

CVE-2023-46747-POC
F5 BIG-IP unauthenticated remote code execution (RCE) and authentication bypass vulnerability!

Refrence: GitHub

Description​

Proof Of Concept​

Content on GitHub​

Description

Proof Of Concept

Content on GitHub