Vigil@nce - F5 BIG-IP: file upload via Access Policy Manager
March 2016 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An authenticated attacker can upload a malicious file via Access
Policy Manager on F5 BIG-IP, in order for example to upload a
Trojan.
– Impacted products: BIG-IP Hardware, TMOS.
– Severity: 2/4.
– Creation date: 21/01/2016.
DESCRIPTION OF THE VULNERABILITY
The F5 BIG-IP product offers a web service for the BIG-IP
Configuration utility.
It can be used to upload a file via the Access Policy Manager
section of uploadImage.php. However, as the file type is not
restricted, a PHP file can be uploaded on the server, and then
executed.
An authenticated attacker can therefore upload a malicious file
via Access Policy Manager on F5 BIG-IP, in order for example to
upload a Trojan.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/F5-BIG-IP-file-upload-via-Access-Policy-Manager-18783