Arbitrary Command Execution in BIG-IP TMOS Shell by F5 Networks
CVE-2026-41217

8.3HIGH

Key Information:

Vendor: F5
Status: Big-ip
Vendor: CVE Published:; 13 May 2026

What is CVE-2026-41217?

The vulnerability allows authenticated users with resource administrator or administrator roles in F5 Networks' BIG-IP TMOS Shell (tmsh) to execute arbitrary system commands with elevated privileges. In Appliance mode deployments, exploiting this flaw enables attackers to cross security boundaries, thereby compromising system integrity and potentially leading to unauthorized system access. It's critical for users of affected versions to apply necessary security patches to mitigate this risk.

Affected Version(s)

BIG-IP 21.0.0 < 21.0.0.2

BIG-IP 17.5.0 < 17.5.1.6

BIG-IP 17.1.0 < 17.1.3.2

References

https://my.f5.com/manage/s/article/K000161107

vendor-advisorypatch

CVSS V4

Score:

8.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2026
Vulnerability Reserved
Apr 30, 2026

Credit

CVE-2026-41217 Data

JSON