CVE-2023-46747 F5 BIG-IP Exploit
Exploits And POCs
If you exploited any, the credentials are user: codeb0ss / pass: codeb0ss.
CVE-2023-46747 is a critical severity authentication bypass vulnerability in F5 BIG-IP that could allow an unauthenticated attacker to achieve remote code execution (RCE). The vulnerability impacts the BIG-IP Configuration utility, also known as the TMUI, wherein arbitrary requests can bypass authentication. The vulnerability received a CVSSv3 score of 9.8.
According to the blog post by researchers at Praetorian, a request smuggling vulnerability in Apache HTTP Server, CVE-2022-26377, was acknowledged by F5 in a KB article but never fixed. This gave the researchers an avenue for exploitation: in their blog post, they detailed that an Apache JServ Protocol (AJP) smuggling bug was leveraged as part of the device compromise to bypass authentication and achieve code execution as the root user. While their blog post contained limited technical details as of October 27, additional details are expected to be released at a later date, once organizations have had adequate time to apply the patch.