CVE-2026-42063— iControl SOAP vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-42063
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
iControl SOAP vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrator or Administrator role can download sensitive files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
对外部实体的文件或目录可访问
Source: NVD (National Vulnerability Database)
Vulnerability Title
F5 BIG-IP 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
F5 BIG-IP是美国F5公司的一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的应用交付平台。 F5 BIG-IP存在安全漏洞,该漏洞源于允许具有Resource Administrator或Administrator角色的已认证攻击者下载敏感文件。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-42063
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-42063
请登录查看更多情报信息。
Same Patch Batch · F5 · 2026-05-13 · 51 CVEs total
| CVE-2026-41225 | 9.1 CRITICAL | iControl REST vulnerability |
| CVE-2026-41957 | 8.8 HIGH | BIG-IP and BIG-IQ Configuration utility vulnerability |
| CVE-2026-40061 | 8.7 HIGH | iControl REST and tmsh vulnerability |
| CVE-2026-42930 | 8.7 HIGH | Appliance mode iControl REST vulnerability |
| CVE-2026-32673 | 8.7 HIGH | BIG-IP scripted monitor vulnerability |
| CVE-2026-34176 | 8.7 HIGH | Knowledge Appliance mode iControl REST vulnerability |
| CVE-2026-42945 | 8.1 HIGH | NGINX ngx_http_rewrite_module vulnerability |
| CVE-2026-20916 | 8.1 HIGH | BIG-IQ iControl REST vulnerability |
| CVE-2026-41217 | 7.9 HIGH | BIG-IP tmsh vulnerability |
| CVE-2026-42920 | 7.5 HIGH | BIG-IP DTLS Vulnerability |
| CVE-2026-41218 | 7.5 HIGH | BIG-IP PEM iRules vulnerability |
| CVE-2026-39458 | 7.5 HIGH | BIG-IP DNS Cache vulnerability |
| CVE-2026-40423 | 7.5 HIGH | BIG-IP SIP profile vulnerability |
| CVE-2026-40629 | 7.5 HIGH | BIG-IP SSL/TLS vulnerability |
| CVE-2026-39455 | 7.5 HIGH | BIG-IP Configuration utility vulnerability |
| CVE-2026-40618 | 7.5 HIGH | BIG-IP SSL/TLS vulnerability |
| CVE-2026-40060 | 7.5 HIGH | BIG-IP Advanced WAF and ASM vulnerability |
| CVE-2026-41227 | 7.5 HIGH | BIG-IP HTTP/2 Layer 7 Dos Protection vulnerability |
| CVE-2026-42409 | 7.5 HIGH | BIG-IP HTTP/2 vulnerability |
| CVE-2026-41956 | 7.5 HIGH | BIG-IP TMM Vulnerability |
Showing top 20 of 51 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: F5
Same weakness: CWE-552
- CVE-2026-40631
BIG-IP iControl SOAP vulnerability - CVE-2026-32185
Microsoft Teams Spoofing Vulnerability - CVE-2026-35440
Microsoft Word Information Disclosure Vulnerability - CVE-2025-7389
Unauthorized Arbitrary File Read via RMI in AdminServer Inte - CVE-2019-25709
CF Image Hosting Script 1.6.5 Unauthorized Database Access
V. Comments for CVE-2026-42063
No comments yet