CVE-2022-1388-POC

BIG-IP iCONTROL REST API AUTH BYPASS /RCE EXPLOIT BIG-IP RCE 2022

DETAILS:

THE iCONTROL REST API Of BIG-IP cantain a flaw with a CVE score of 9.8 that sending a (REDACTED) request to auth backend will bypass the auth and can execute arbitrary system commands,create or delete files

MITIGATION:

https://support.f5.com/csp/article/K23605346 only 12.x and 11.x will not recieve the update(need manualy mitigations) as an advice block icontrol rest access through the self ip

this exploit is been restricked to 3 copies to avoid abuse

the script supports ip/ip-list and is multithreaded https://satoshidisk.com/pay/CFMVKB

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
CVE-2022-1388-poc.py		CVE-2022-1388-poc.py
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

CVE-2022-1388-POC

DETAILS:

MITIGATION:

this exploit is been restricked to 3 copies to avoid abuse

About

Releases

Packages

Languages

hackeyes/CVE-2022-1388-POC

Folders and files

Latest commit

History

Repository files navigation

CVE-2022-1388-POC

DETAILS:

MITIGATION:

this exploit is been restricked to 3 copies to avoid abuse

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages