CVE-2023-46747

BIG-IP Configuration utility unauthenticated remote code execution vulnerability

CVSS 9.8 CRITICAL · EPSS 96.5% · KEV · CWE-288 (Authentication Bypass Using an Alternate Path or Channel)
In short

The BIG-IP Configuration utility has a flaw that lets an attacker skip authentication and run arbitrary commands on the system, provided they can reach the management port or a self IP address. It is critical because it gives complete control of the device without valid credentials.

Technical detail

An unauthenticated attacker with network access to the BIG-IP management port or a self IP address can bypass the Configuration utility's authentication checks and execute arbitrary system commands on the appliance. No credentials or user interaction are required, and the attack is carried out entirely over the network, which is why the CVSS vector below scores it 9.8; the only precondition is that the Configuration utility is reachable from the attacker's position. In practice, any Configuration utility exposed beyond a trusted management network should be treated as at risk until the running version has been checked against the vendor's fixed-version list, and software versions that have reached End of Technical Support were not evaluated by the vendor, so they should be assumed affected rather than assumed safe.
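The exposure precondition above (Configuration utility reachable on the management port or a self IP) is the thing worth checking first. The following Python script is an added example, not code from this page or from F5: it fetches the Configuration utility login page over HTTPS and reports whether the utility answers from the network the script runs on. It assumes the utility listens on port 443 and serves its login page at /tmui/login.jsp (the standard BIG-IP path, not stated on this page), and the TMUI_MARKERS substrings used to recognise the page are assumptions too. It makes no attempt at the bypass itself; run it only against systems you are authorized to test.

```python
"""Reachability check for the BIG-IP Configuration utility (TMUI).

Added example; not part of the original page or F5's tooling. It only
GETs the login page to learn whether the utility is exposed from here.
Assumptions (not stated on the page): HTTPS on port 443 by default and a
login page at /tmui/login.jsp. Test only with authorization.
"""
import socket
import ssl
import sys
import urllib.error
import urllib.request
from dataclasses import dataclass

TMUI_LOGIN_PATH = "/tmui/login.jsp"   # assumption: default login page path
TMUI_MARKERS = ("tmui", "big-ip")     # assumption: substrings seen in that page's HTML
DEFAULT_PORT = 443


@dataclass
class Result:
    host: str
    port: int
    state: str    # "exposed", "reachable-not-tmui" or "unreachable"
    detail: str


def classify_response(status: int, body: str) -> str:
    """Interpret a response to GET /tmui/login.jsp: 200 plus TMUI markers means
    the Configuration utility is reachable from where we stand."""
    if status == 200 and any(m in body.lower() for m in TMUI_MARKERS):
        return "exposed"
    return "reachable-not-tmui"


def parse_targets(lines):
    """Parse 'host' or 'host:port' lines; '#' starts a comment, blanks are skipped."""
    targets = []
    for raw in lines:
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        host, sep, port = line.rpartition(":")
        if sep and port.isdigit():
            targets.append((host, int(port)))
        else:
            targets.append((line, DEFAULT_PORT))
    return targets


def tcp_open(host: str, port: int, timeout: float) -> bool:
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def fetch_login_page(host: str, port: int, timeout: float):
    # BIG-IP management interfaces commonly present a self-signed certificate,
    # so certificate verification is disabled for this reachability probe only.
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    url = f"https://{host}:{port}{TMUI_LOGIN_PATH}"
    req = urllib.request.Request(url, headers={"User-Agent": "tmui-exposure-check"})
    try:
        with urllib.request.urlopen(req, timeout=timeout, context=ctx) as resp:
            return resp.status, resp.read(65536).decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read(65536).decode("utf-8", "replace")


def check_host(host: str, port: int = DEFAULT_PORT, timeout: float = 5.0) -> Result:
    if not tcp_open(host, port, timeout):
        return Result(host, port, "unreachable", "TCP connect failed")
    try:
        status, body = fetch_login_page(host, port, timeout)
    except (OSError, urllib.error.URLError) as err:
        return Result(host, port, "reachable-not-tmui", f"HTTPS request failed: {err}")
    return Result(host, port, classify_response(status, body), f"HTTP {status}")


if __name__ == "__main__":
    # Usage: python3 tmui_exposure.py targets.txt   (one host or host:port per line)
    with open(sys.argv[1]) as fh:
        for host, port in parse_targets(fh):
            r = check_host(host, port)
            print(f"{r.host}:{r.port}\t{r.state}\t{r.detail}")
```

An "exposed" result means only that the utility answers from this vantage point; whether the device is actually vulnerable still depends on its version, which this page does not enumerate, so compare it against the vendor's fixed-version list. Run the script from the networks that matter (Internet-facing segments, user VLANs, partner links), not from the management network where the utility is supposed to be reachable.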

Summary generated and translated by AI from the official description.
Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
F5 · BIG-IP
⚠ Public resources for assessing the exposure of systems you control or are authorized to test. Test only with authorization.