CVE-2026-32673 - Vulnerability Analysis
HighCVSS: 8.7Last Updated: May 13, 2026
BIG-IP - Command Injection
Published: May 13, 2026Updated: May 13, 2026Remote Exploitable
Overview
BIG-IP scripted monitors contain a command injection vulnerability caused by improper input handling, letting authenticated attackers with Resource Administrator or Administrator roles execute arbitrary system commands with elevated privileges, exploit requires authenticated access with specific roles.
Severity & Score
Severity: High
CVSS Score: 8.7
Impact
Authenticated attackers with specific roles can execute arbitrary system commands with elevated privileges, potentially compromising the system.
Mitigation
Update to the latest supported version.
Related Resources
Details
- CVE ID
- CVE-2026-32673
- Severity
- High
- CVSS Score
- 8.7
- Type
- command_injection
- Status
- unconfirmed
CWE
- CWE-250
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N