F5 FirePass command execution vulnerability


F5’s FirePass SSL VPN appliance provides secure access to corporate applications and data using a standard web browser.

Delivering outstanding performance, scalability, ease-of-use, and end-point security, FirePass helps increase the productivity of those working from home or on the road while keeping corporate data secure.

S21sec has discovered a vulnerability in an F5 FirePass SSL VPN script that allows the injection of Linux shell commands under some circumstances.

The attacker does not need to be logged in to the system in order to trigger the vulnerability.

Workaround
F5 has published a security advisory at
https://tech.f5.com/home/solutions/sol167.html

Additionally, hotfix HF-75705-76003-1 has been issued for supported versions of FirePass.

You may download this hotfix or later versions of the hotfix from the F5 Networks Downloads site (https://downloads.f5.com/esd/index.jsp).

Acknowledgments
This vulnerability has been discovered and researched by:

  • Leonardo Nve S21Sec

With thanks to:

  • Alberto Moro S21Sec


You can access the latest version of this advisory at
https://www.s21sec.com/avisos/s21sec-035-en.txt
