Directory Traversal Vulnerability in F5 BIG-IP APM and FirePass Products
CVE-2013-0150
Currently unrated
Summary
A directory traversal vulnerability exists in a signed Java applet within the client-side components of F5 BIG-IP APM and FirePass products when APM is provisioned. This flaw allows remote attackers to manipulate file paths, potentially enabling them to upload and execute arbitrary files by using the '..' (dot dot) sequence in the filename parameter. Successful exploitation can lead to unauthorized access and execution of malicious code, posing significant risks to the system integrity.
References
Timeline
Vulnerability Reserved
Vulnerability published