CNNVD-202510-2157 Information

Oct 15, 2025 cve

CNNVD ID

CNNVD-202510-2157

CVE-2025-53868

  • CNNVD Published: 2025-10-15

Description (Chinese)

F5 BIG-IP是美国F5公司的一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的应用交付平台。 F5 BIG-IP存在操作系统命令注入漏洞,该漏洞源于高权限攻击者可通过SCP和SFTP访问绕过Appliance模式限制。

Description (English)

F5 BIG-IP is an application delivery platform for network traffic management, application security management, load balance, and so on. F5 BIG-IP has an operating system command to inject a loophole, which stems from the fact that high-authority assailants can circumvent the Appliance mode restriction through SCP and SFTP access.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

F5

Published

2025-10-15

Last Modified

2026-02-24

References

https://my.f5.com/manage/s/article/K000151902

Patch

https://my.f5.com/manage/s/article/K000156912

Share on: