CVE Catalog

CVE-2026-42780

MediumCVSS 4.9
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
0.89%

55th percentile - higher than 55% of all known CVEs

Summary

A directory traversal vulnerability exists in BIG-IP SSL Orchestrator that allows an authenticated attacker with high privilege to overwrite, delete or corrupt arbitrary local files.

Risk Assessment

An attacker could gain control over critical system files, potentially leading to serious security breaches and system instability.

Recommendation

It is recommended to update the software to the latest version that has not reached End of Technical Support to minimize the risk associated with this vulnerability.

Original NVD description (English source)

A directory traversal vulnerability exists in BIG-IP SSL Orchestrator that allows an authenticated attacker with high privilege to overwrite, delete or corrupt arbitrary local files.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS