F5 BIG-IP TMUI unauthenticated RCE — StrikeShark/SharkLoader initial-access vector
cve · CVE-2023-46747
Coverage timeline
1
first 2026-06-27 → last 2026-06-27
Briefs
1
1 distinct
Sources cited
9
7 hosts
Sections touched
0
—
Co-occurring entities
0
no co-occurrence
Story timeline
- 2026-06-27CTI Daily Brief — 2026-06-27
Source distribution
- advisories.ncsc.nl2 (22%)
- my.f5.com2 (22%)
- cwe.mitre.org1 (11%)
- helpnetsecurity.com1 (11%)
- securelist.com1 (11%)
- securityweek.com1 (11%)
- sygnia.co1 (11%)
External references
All cited sources (9)
- securelist.comprimaryinlineKaspersky Securelist, 2026-06-24https://securelist.com/strikeshark-campaign/120326/
- advisories.ncsc.nlinlineNCSC-NL NCSC-2026-0162, 2026-05-15https://advisories.ncsc.nl/advisory?id=NCSC-2026-0162
- advisories.ncsc.nlinlineNCSC-NL NCSC-2026-0162, 2026-05-15https://advisories.ncsc.nl/csaf/v2/2026/ncsc-2026-0162.json
- cwe.mitre.orginlineCWE-648https://cwe.mitre.org/data/definitions/648.html
- helpnetsecurity.cominlineHelp Net Security, 2026-06-26https://www.helpnetsecurity.com/2026/06/26/sharkloader-dropper-governments-software-developers/
- my.f5.cominlineF5 K000160932, 2026-05-14https://my.f5.com/manage/s/article/K000160932
- my.f5.cominlineF5 K000172841https://my.f5.com/manage/s/article/K000172841
- securityweek.cominlineSecurityWeek, 2026-05-14https://www.securityweek.com/f5-patches-over-50-vulnerabilities/
- sygnia.coinlineSygnia — Velvet Ant prior reportinghttps://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/
Items in briefs about F5 BIG-IP TMUI unauthenticated RCE — StrikeShark/SharkLoader initial-access vector
No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.