vulnerability

F5 Networks: CVE-2018-5537: K94105051: TMM vulnerability CVE-2018-5537

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
3	(AV:N/AC:H/Au:N/C:N/I:N/A:P)	Jul 24, 2018	Jul 25, 2018	Apr 23, 2026

Severity

CVSS

(AV:N/AC:H/Au:N/C:N/I:N/A:P)

Published

Jul 24, 2018

Added

Jul 25, 2018

Modified

Apr 23, 2026

Description

A remote attacker may be able to disrupt services on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 if the TMM virtual server is configured with a HTML or a Rewrite profile. TMM may restart while processing some specially prepared HTML content from the back end.

Solution

f5-big-ip-upgrade-latest

References

CVE-2018-5537
https://attackerkb.com/topics/CVE-2018-5537
CWE-20
EUVD-EUVD-2018-17306
https://euvd.enisa.europa.eu/vulnerability/EUVD-2018-17306
https://my.f5.com/manage/s/article/K94105051

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report