CVE-2026-42924

CVSS v3.1

8.7

High

Vector

AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

An authenticated attacker with the Resource Administrator or Administrator role can create SNMP configuration objects through iControl SOAP resulting in privilege escalation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Fix

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2026-42924

Affected Products

Big-Ip

CVE-2026-42924

Weakness Enumeration

Related Identifiers

Affected Products

References · 2