CVE-2026-42780
MediumCVSS 4.9Exploitation Probability (EPSS)
Elevated risk55th percentile - higher than 55% of all known CVEs
Summary
A directory traversal vulnerability exists in BIG-IP SSL Orchestrator that allows an authenticated attacker with high privilege to overwrite, delete or corrupt arbitrary local files.
Risk Assessment
An attacker could gain control over critical system files, potentially leading to serious security breaches and system instability.
Recommendation
It is recommended to update the software to the latest version that has not reached End of Technical Support to minimize the risk associated with this vulnerability.
Original NVD description (English source)
A directory traversal vulnerability exists in BIG-IP SSL Orchestrator that allows an authenticated attacker with high privilege to overwrite, delete or corrupt arbitrary local files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

