F5 | writeups.xyz

Title	Vulnerabilities	Programs	Authors
HTTP is dead... Long live HTTP?!	HTTP Request Smuggling Web Cache Poisoning	Akamai F5	D3d (@Deadvolvo)
From Akamai to F5 to NTLM... with love.	HTTP Request Smuggling Web Cache Poisoning	Akamai F5	D3d (@Deadvolvo)
Refresh: Compromising F5 BIG-IP With Request Smuggling \| CVE-2023-46747	HTTP Request Smuggling Authentication Bypass RCE Apache JServ Protocol (AJP)	F5	Michael Weber (@BouncyHat) Thomas Hendrickson
CVE-2023-22374: F5 BIG-IP Format String Vulnerability	Format String Vulnerability Memory Corruption	F5	Ron Bowes (@Iagox86)
{JS-ON: Security-OFF}: Abusing JSON-Based SQL to Bypass WAF	WAF Bypass SQL Injection	Palo Alto Networks AWS Cloudflare F5 Imperva	Noam Moshe
CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures	CSRF RCE RPM Spec Injection	F5	Ron Bowes (@Iagox86)
Weaponizing Middleboxes for TCP Reflected Amplification	DoS	Check Point Cisco F5 Fortinet Juniper Netscout Palo Alto SonicWall Sucuri	Kevin Bock Abdulrahman Alaraj Yair Fax Kyle Hurley Eric Wustrow Dave Levin
F5 Networks Endpoint Inspector – Browser-to-RCE?	RCE	F5	Dave U. Ramdon

Page 1 of 1