VYPR
Unrated severityNVD Advisory· Published May 3, 2023· Updated Sep 18, 2025

BIG-IQ iControl REST Vulnerability

CVE-2023-29240

Description

An authenticated attacker granted a Viewer or Auditor role on a BIG-IQ can upload arbitrary files using an undisclosed iControl REST endpoint.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Affected products

2
  • F5, Inc./Big IPllm-fuzzy2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 8.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.