Description

The iControl REST interface has an unauthenticated remote command execution vulnerability. This vulnerability allows for unauthenticated attackers with network access to the iControl REST interface, through the BIG-IP management interface and self IP addresses, to execute arbitrary system commands, create or delete files, and disable services. This vulnerability can only be exploited through the control plane and cannot be exploited through the data plane. Exploitation can lead to complete system compromise. The BIG-IP system in Appliance mode is also vulnerable.

Remediation

Upgrade to the latest version of iControl.

References

K03009991: iControl REST unauthenticated remote command execution vulnerability CVE-2021-22986

Related Vulnerabilities

MoinMoin CVE-2012-6081 multiple arbitrary code execution vulnerabilities

ColdFusion AMF Deserialization RCE

VMware Workspace ONE Access SSTI (CVE-2022-22954)

Apache Struts 2 ClassLoader manipulation and denial of service (S2-020)

Drupal Core 8.9.x Remote Code Execution (8.9.0 - 8.9.8)

Severity

High

Classification

CVE-2021-22986 CWE-78 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Code Execution