Unrated severityNVD Advisory· Published May 7, 2025· Updated Feb 26, 2026
Appliance mode BIG-IP iControl REST and tmsh vulnerability
CVE-2025-31644
Description
When running in Appliance mode, a command injection vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command which may allow an authenticated attacker with administrator role privileges to execute arbitrary system commands. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Affected products
2Patches
Vulnerability mechanics
References
1- my.f5.com/manage/s/article/K000148591mitrevendor-advisory
News mentions
0No linked articles in our index yet.