CVE-2023-46747CISA KEV: Actively Exploited

F5 BIG-IP Configuration Utility Authentication Bypass Vulnerability

Published Oct 31, 2023·Updated Oct 31, 2023

Description

F5 BIG-IP Configuration utility contains an authentication bypass using an alternate path or channel vulnerability due to undisclosed requests that may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute system commands. This vulnerability can be used in conjunction with CVE-2023-46748.

Public Exploits & PoCs11 found

PoC: CVE-2023-46747-Mass-RCE

CVE-2023-46747-Mass-RCE

2

PoC: F5-BIG-IP-CVE-2023-46747---Unauthenticated-RCE-Reverse-Shell-Nuclei-Template-Modified-

# F5 BIG-IP CVE-2023-46747 – Unauth RCE + Auto Reverse Shell Modified & improved Nuclei template by raguraman ✓ Creates hidden admin ✓ Instant TCP revshell (just edit LHOST/LPORT) ✓ Works on all unpatched 13.x-17.x ⚠️ Authorized pentesting ONLY! Patch: K000137353

1

PoC: BigFinger

CVE-2023-46747-RCE PoC

PoC: CVE-2023-46747-Mass-RCE

CVE-2023-46747-Mass-RCE

PoC: CVE-2023-46747-Mass-RCE

CVE-2023-46747-Mass-RCE

PoC: CVE-2023-46747-Mass-RCE

CVE-2023-46747-Mass-RCE

PoC: CVE-2023-46747-RCE

exploit for f5-big-ip RCE cve-2023-46747

PoC: CVE-2023-46747

An Exploitation script developed to exploit the CVE-2023-46747 which Pre Auth Remote Code Execution of f5-BIG Ip producs

PoC: CVE-2023-46747

CVE-2023-46747 Criticle Auth Bypass

PoC: CVE-2023-46747-RCE

exploit for cve-2023-46747

PoC: CVE-2023-46747-Mass-RCE

CVE-2023-46747 (F5 BIG-IP) RCE

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free