vulnerability

F5: CVE-2026-42930: K000160876: Appliance mode iControl REST vulnerability CVE-2026-42930

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:M/C:C/I:C/A:N)

Published

May 13, 2026

Added

Jun 5, 2026

Modified

Jun 5, 2026

Description

When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions on a BIG-IP system.

Solution

f5-bigip-upgrade-latest

References

CVE-2026-42930
https://attackerkb.com/topics/CVE-2026-42930
https://my.f5.com/manage/s/article/K000160876
https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-30007
CWE-35
EUVD-EUVD-2026-30007

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report