CVE-2008-6474
F5 TMOS - Authenticated Perl Code Injection via Configuration Settings
Title source: llmDescription
The management interface in F5 BIG-IP 9.4.3 allows remote authenticated users with Resource Manager privileges to inject arbitrary Perl code via unspecified configuration settings related to Perl EP3 with templates, probably triggering static code injection.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/51116
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/28639
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/490496/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/49308
Scores
EPSS
0.0048
EPSS Percentile
65.3%
Details
CWE
CWE-94
Status
published
Products (1)
f5/tmos
9.4.3
Published
Mar 16, 2009
Tracked Since
Feb 18, 2026