1. 主頁
  2. 保安警報
  3. 保安警報 (A26-05-26)

保安警報 (A26-05-26): F5 產品多個漏洞


 

發布日期: 2026年 5月 14日

描述:

F5 發布了安全公告,以應對 F5 產品的多個漏洞。有關漏洞資料的詳情,請參考以下網址:
https://my.f5.com/manage/s/article/K000149743
https://my.f5.com/manage/s/article/K000150508
https://my.f5.com/manage/s/article/K000156581
https://my.f5.com/manage/s/article/K000156604
https://my.f5.com/manage/s/article/K000156734
https://my.f5.com/manage/s/article/K000156761
https://my.f5.com/manage/s/article/K000157895
https://my.f5.com/manage/s/article/K000157981
https://my.f5.com/manage/s/article/K000158029
https://my.f5.com/manage/s/article/K000158038
https://my.f5.com/manage/s/article/K000158070
https://my.f5.com/manage/s/article/K000158082
https://my.f5.com/manage/s/article/K000158971
https://my.f5.com/manage/s/article/K000158978
https://my.f5.com/manage/s/article/K000158979
https://my.f5.com/manage/s/article/K000159021
https://my.f5.com/manage/s/article/K000159034
https://my.f5.com/manage/s/article/K000160727
https://my.f5.com/manage/s/article/K000160788
https://my.f5.com/manage/s/article/K000160857
https://my.f5.com/manage/s/article/K000160862
https://my.f5.com/manage/s/article/K000160863
https://my.f5.com/manage/s/article/K000160874
https://my.f5.com/manage/s/article/K000160875
https://my.f5.com/manage/s/article/K000160876
https://my.f5.com/manage/s/article/K000160901
https://my.f5.com/manage/s/article/K000160903
https://my.f5.com/manage/s/article/K000160911
https://my.f5.com/manage/s/article/K000160916
https://my.f5.com/manage/s/article/K000160926
https://my.f5.com/manage/s/article/K000160932
https://my.f5.com/manage/s/article/K000160945
https://my.f5.com/manage/s/article/K000160971
https://my.f5.com/manage/s/article/K000160972
https://my.f5.com/manage/s/article/K000160973
https://my.f5.com/manage/s/article/K000160975
https://my.f5.com/manage/s/article/K000160979
https://my.f5.com/manage/s/article/K000160981
https://my.f5.com/manage/s/article/K000161018
https://my.f5.com/manage/s/article/K000161019
https://my.f5.com/manage/s/article/K000161021
https://my.f5.com/manage/s/article/K000161022
https://my.f5.com/manage/s/article/K000161023
https://my.f5.com/manage/s/article/K000161027
https://my.f5.com/manage/s/article/K000161028
https://my.f5.com/manage/s/article/K000161040
https://my.f5.com/manage/s/article/K000161056
https://my.f5.com/manage/s/article/K000161068
https://my.f5.com/manage/s/article/K000161107
https://my.f5.com/manage/s/article/K000161131
https://my.f5.com/manage/s/article/K000161244
https://my.f5.com/manage/s/article/K32950402
https://my.f5.com/manage/s/article/K35544022

 

受影響的系統:

  • BIG-IP (所有模組) 版本 16.1.0 至 16.1.6、17.1.0 至 17.1.2、17.1.0 至 17.1.3、17.5.0、17.5.0 至 17.5.1、21.0.0
  • BIG-IP APM 版本 16.1.0 至 16.1.6、17.1.0 至 17.1.3、17.5.0 至 17.5.1、21.0.0
  • BIG-IP Advanced WAF/ASM 版本 16.1.0 至 16.1.6、17.1.0 至 17.1.3、17.5.0 至 17.5.1、21.0.0
  • BIG-IP DDoS Hybrid Defender 版本 16.1.0 至 16.1.6、17.1.0 至 17.1.3、17.5.0 至 17.5.1
  • BIG-IP DNS 版本 16.1.0 至 16.1.6、17.1.0 至 17.1.3、17.5.0 至 17.5.1、21.0.0
  • BIG-IP Next CNF 版本 1.1.0 至 1.4.1、2.0.0 至 2.2.1
  • BIG-IP Next SPK 版本 1.7.0 至 1.9.2、2.0.0 至 2.0.3
  • BIG-IP Next for Kubernetes 版本 2.0.0 至 2.1.1
  • BIG-IP PEM 版本 16.1.0 至 16.1.6、17.1.0 至 17.1.3、17.5.0 至 17.5.1、21.0.0
  • BIG-IP SSL Orchestrator 版本 17.1.0 至 17.1.3、17.5.0 至 17.5.1、21.0.0
  • BIG-IQ Centralized Management 版本 8.4.0 至 8.4.1
  • F5 DoS for NGINX 版本 4.8.0
  • F5 WAF for NGINX 版本 5.9.0 至 5.12.1
  • NGINX App Protect DoS 版本 4.3.0 至 4.7.0
  • NGINX App Protect WAF 版本 4.9.0 至 4.16.0、5.1.0 至 5.8.0
  • NGINX Gateway Fabric 版本 1.3.0 至 1.6.2、2.0.0 至 2.6.0
  • NGINX Ingress Controller 版本 3.5.0 至 3.7.2、4.0.0 至 4.0.1、5.0.0 至 5.4.2
  • NGINX Instance Manager 版本 2.16.0 至 2.21.1
  • NGINX Open Source 版本 0.3.50 至 0.9.7、1.0.0 至 1.30.0
  • NGINX Plus 版本 R32 至 R36

有關受影響系統的詳細資料,請參閱供應商網站的相應安全公告。

 

影響:

成功利用漏洞可以導致受影響的系統發生遠端執行程式碼、服務被拒絕、權限提升、泄漏資訊、繞過保安限制、仿冒詐騙或篡改。

 

建議:

現已有適用於受影響系統的軟件更新。受影響系統的系統管理員應遵從產品供應商的建議,立即採取行動以降低風險。建議諮詢產品供應商以取得修補程式及有關支援。

 

進一步資訊:

  • https://my.f5.com/manage/s/article/K000149743
  • https://my.f5.com/manage/s/article/K000150508
  • https://my.f5.com/manage/s/article/K000156581
  • https://my.f5.com/manage/s/article/K000156604
  • https://my.f5.com/manage/s/article/K000156734
  • https://my.f5.com/manage/s/article/K000156761
  • https://my.f5.com/manage/s/article/K000157895
  • https://my.f5.com/manage/s/article/K000157981
  • https://my.f5.com/manage/s/article/K000158029
  • https://my.f5.com/manage/s/article/K000158038
  • https://my.f5.com/manage/s/article/K000158070
  • https://my.f5.com/manage/s/article/K000158082
  • https://my.f5.com/manage/s/article/K000158971
  • https://my.f5.com/manage/s/article/K000158978
  • https://my.f5.com/manage/s/article/K000158979
  • https://my.f5.com/manage/s/article/K000159021
  • https://my.f5.com/manage/s/article/K000159034
  • https://my.f5.com/manage/s/article/K000160727
  • https://my.f5.com/manage/s/article/K000160788
  • https://my.f5.com/manage/s/article/K000160857
  • https://my.f5.com/manage/s/article/K000160862
  • https://my.f5.com/manage/s/article/K000160863
  • https://my.f5.com/manage/s/article/K000160874
  • https://my.f5.com/manage/s/article/K000160875
  • https://my.f5.com/manage/s/article/K000160876
  • https://my.f5.com/manage/s/article/K000160901
  • https://my.f5.com/manage/s/article/K000160903
  • https://my.f5.com/manage/s/article/K000160911
  • https://my.f5.com/manage/s/article/K000160916
  • https://my.f5.com/manage/s/article/K000160926
  • https://my.f5.com/manage/s/article/K000160932
  • https://my.f5.com/manage/s/article/K000160945
  • https://my.f5.com/manage/s/article/K000160971
  • https://my.f5.com/manage/s/article/K000160972
  • https://my.f5.com/manage/s/article/K000160973
  • https://my.f5.com/manage/s/article/K000160975
  • https://my.f5.com/manage/s/article/K000160979
  • https://my.f5.com/manage/s/article/K000160981
  • https://my.f5.com/manage/s/article/K000161018
  • https://my.f5.com/manage/s/article/K000161019
  • https://my.f5.com/manage/s/article/K000161021
  • https://my.f5.com/manage/s/article/K000161022
  • https://my.f5.com/manage/s/article/K000161023
  • https://my.f5.com/manage/s/article/K000161027
  • https://my.f5.com/manage/s/article/K000161028
  • https://my.f5.com/manage/s/article/K000161040
  • https://my.f5.com/manage/s/article/K000161056
  • https://my.f5.com/manage/s/article/K000161068
  • https://my.f5.com/manage/s/article/K000161107
  • https://my.f5.com/manage/s/article/K000161131
  • https://my.f5.com/manage/s/article/K000161244
  • https://my.f5.com/manage/s/article/K32950402
  • https://my.f5.com/manage/s/article/K35544022
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20916
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24464
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28758
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32643
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32673
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34019
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34176
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35062
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39455
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39458 (to CVE-2026-39459)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40060 (to CVE-2026-40061)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40067
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40423
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40435
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40460
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40462
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40618
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40629
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40631
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40698 (to CVE-2026-40699)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40701
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40703
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41217 (to CVE-2026-41219)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41225
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41227
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41953 (to CVE-2026-41954)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41956 (to CVE-2026-41957)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41959
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42058
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42063
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42406
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42408 (to CVE-2026-42409)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42778 (to CVE-2026-42781)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42919 (to CVE-2026-42920)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42924
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42926
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42930
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42934
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42937
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42945 (to CVE-2026-42946)


標籤 : F5 , BIG-IP , BIG-IQ , NGINX
標籤