Unrated severityCISA KEVNVD Advisory· Published Oct 26, 2023· Updated Oct 21, 2025
BIG-IP Configuration utility unauthenticated remote code execution vulnerability
CVE-2023-46747
Description
Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3News mentions
3- New SharkLoader Malware Deploys Cobalt Strike in StrikeShark CyberattacksThe Hacker News · Jun 26, 2026
- StrikeShark: investigating a new campaign delivering Cobalt Strike through SharkLoaderSecurelist · Jun 24, 2026
- Top 10 web hacking techniques of 2023 - nominations openPortSwigger Research · Jan 9, 2024