F5 Products Remote Code Execution Vulnerability

February 13, 2025

A vulnerability was identified in F5 Products. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.

 

Note:

No patch is currently available for CVE-2024-9287 of the affected products. Hence, the risk level is rated as High Risk.

RISK: High Risk

High Risk

TYPE: Operating Systems – Networks OS

TYPE: Networks OS

Impact

  • Remote Code Execution

System / Technologies affected

BIG-IP Next CNF

  • 1.1.0 – 1.4.0

 

BIG-IP Next SPK

  • 1.7.0 – 1.9.2

Solutions

Workaround:

Mitigate the vulnerability of attacks by following workaround:

 

  1. Do not create and use custom Python scripts using the vulnerable venv module

 

Please visit the vendor web-site for more details.

 

Apply workarounds issued by the vendor:

 

 

    Vulnerability Identifier

    Source

    Related Link

    A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

    If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

    Buy Me A Coffee
    Patreon

    To keep up to date follow us on the below channels.

    Tags: ,

    You may have missed

    hkcert

    F5 Products Remote Code Execution Vulnerability

    February 13, 2025
    image

    CVE Alert: CVE-2024-41934

    February 13, 2025
    image

    CVE Alert: CVE-2024-42419

    February 13, 2025
    image

    CVE Alert: CVE-2024-42405

    February 13, 2025
    image

    CVE Alert: CVE-2024-42410

    February 13, 2025