Vendor
high
advisory
CVE-2026-40061: BIG-IP DNS iControl REST/TMSH Command Injection Vulnerability
2 rules 2 TTPs 1 CVECVE-2026-40061 is a vulnerability in F5 BIG-IP DNS that allows an authenticated attacker with Resource Administrator or Administrator privileges to execute arbitrary system commands with elevated privileges via undisclosed iControl REST and TMOS Shell (tmsh) commands, potentially crossing security boundaries in Appliance mode deployments.
BIG-IP DNS
privilege-escalation
execution
cve
2r
2t
1c
high
advisory
CVE-2026-32643: F5 BIG-IP and BIG-IQ Authenticated Command Execution
2 rules 1 TTP 1 CVECVE-2026-32643 describes a vulnerability in F5 BIG-IP and BIG-IQ systems that allows a highly privileged, authenticated attacker with the Certificate Manager role to modify configuration objects, leading to arbitrary command execution.
BIG-IP +1
cve
command execution
privilege escalation
f5
2r
1t
1c