Arbitrary Command Execution in F5 FirePass SSL VPN
CVE-2007-3097

Currently unrated

Key Information:

Vendor
F5
Vendor
CVE Published:
6 June 2007

Summary

The vulnerability allows remote attackers to execute arbitrary shell commands by injecting shell metacharacters through the 'username' parameter in the my.activation.php3 script of F5 FirePass 4100 SSL VPN. This exposure can lead to unauthorized system control, making it critical for users to implement proper security measures and patches.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.