F5 BIG-IP Shared Auth Bypass (CVE-2023-46747) for 2026-03-02

Last Updated: 12:16 UTC

CVE-2023-46747 is an authentication bypass via /mgmt/shared/authn/ in the F5 BIG-IP Configuration Utility. When chained with CVE-2023-46748 (SQL injection in the same component) the combination achieves unauthenticated RCE on BIG-IP appliances.

CVE References

CVE-2023-46747

MITRE ATT&CK

Tactic: Initial Access (TA0001)
Technique: T1190 — Exploit Public-Facing Application

Observed URIs

• /mgmt/shared/authn/login

Attackers by Country

IP Address : ASN : City/Provider

• 198.167.197.162 : AS39287 ab stract : Sweden