Skip to main content

Severity by source

NVD PRIMARY
8.7 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
Mar 28, 2026 - 18:25 vuln.today
CVE Published
Feb 05, 2025 - 18:15 nvd
HIGH 8.7

DescriptionCVE.org

Command injection vulnerability exists in iControl REST and BIG-IP TMOS Shell (tmsh) save command, which may allow an authenticated attacker to execute arbitrary system commands.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

AnalysisAI

F5 BIG-IP contains an authenticated command injection in the iControl REST API and TMOS Shell (tmsh) save command. Authenticated attackers can inject system commands through crafted save operations, executing arbitrary code on the BIG-IP appliance which typically handles load balancing and SSL termination for critical application infrastructure.

Technical ContextAI

The tmsh save command processes user-supplied parameters without adequate sanitization before passing them to underlying system commands. An authenticated user with access to iControl REST or tmsh can inject shell metacharacters that execute arbitrary commands. BIG-IP appliances run a modified Linux OS and the exploitation context provides access to TLS private keys, configuration secrets, and network traffic.

RemediationAI

Apply the latest F5 security hotfix. Restrict iControl REST access to management networks only. Implement multi-factor authentication for BIG-IP admin access. Monitor tmsh command logs for unusual save operations. Rotate TLS certificates if compromise is suspected.

CVE-2025-21087 HIGH
8.9 Feb 05

When Client or Server SSL profiles are configured on a Virtual Server, or DNSSEC signing operations are in use, undisclo

CVE-2025-41433 HIGH
8.7 May 07

When a Session Initiation Protocol (SIP) message routing framework (MRF) application layer gateway (ALG) profile is conf

CVE-2025-21091 HIGH
8.7 Feb 05

When SNMP v1 or v2c are disabled on the BIG-IP, undisclosed requests can cause an increase in memory resource utilizatio

CVE-2025-36504 HIGH
8.7 May 07

When a BIG-IP HTTP/2 httprouter profile is configured on a virtual server, undisclosed responses can cause an increase i

CVE-2025-31644 HIGH
8.5 May 07

When running in Appliance mode, a command injection vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS

CVE-2026-22548 MEDIUM
5.9 Feb 04

BIG-IP Advanced WAF and ASM experience denial of service when processing specific requests under certain conditions, cau

CVE-2026-20732 LOW
3.1 Feb 04

Big-Ip Access Policy Manager is affected by user interface (ui) misrepresentation of critical information (CVSS 3.1).

CVE-2025-54500 MEDIUM
6.9 Aug 13

An HTTP/2 implementation flaw allows a denial-of-service (DoS) that uses malformed HTTP/2 control frames in order to bre

CVE-2025-52585 HIGH
8.7 Aug 13

When a BIG-IP LTM Client SSL profile is configured on a virtual server with SSL Forward Proxy enabled and Anonymous Diff

CVE-2025-41414 HIGH
8.7 May 07

When HTTP/2 client and server profile is configured on a virtual server, undisclosed requests can cause TMM to terminate

CVE-2025-41399 HIGH
8.7 May 07

When a Stream Control Transmission Protocol (SCTP) profile is configured on a virtual server, undisclosed requests can c

CVE-2025-24320 MEDIUM
5.1 Feb 05

A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that

Share

CVE-2025-20029 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy