Eclypsium researchers have published details and PoC exploits for two remotely exploitable injection vulnerabilities (CVE-2024-21793, CVE-2024-26026) affecting F5’s BIG-IP Next Central Manager. About the vulnerabilities BIG-IP Next is “a completely new incarnation” of F5’s BIG-IP devices/modules, which are used for managing and inspecting network and application traffic. They are usually deployed by big enterprises – telcos, internet and cloud service providers – but also governments. BIG-IP Next Central Manager allows users to centrally control their … More
The post F5 fixes BIG-IP Next Central Manager flaws with public PoCs (CVE-2024-21793, CVE-2024-26026) appeared first on Help Net Security.