Security Advisory

CVE-2025-31644

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-07 22:04:10
Last updated 2026-02-26 18:28:43
Assigner f5
State PUBLISHED

Description

When running in Appliance mode, a command injection vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command which may allow an authenticated attacker with administrator role privileges to execute arbitrary system commands. A successful exploit can allow the attacker to cross a security boundary.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.