[email protected]:MrCl0wnLab/Nuclei-Template-Exploit-CVE-2022-1388-BIG-IP-iControl-REST.git

VULNCHECK_XDB WORKING POC

Exploit for CVE-2022-1388 - F5 BIG-IP iControl RCE via REST Authentication Bypass

AI Analysis

This repository contains a functional Nuclei template for exploiting CVE-2022-1388, an authentication bypass vulnerability in F5 BIG-IP iControl REST API. The exploit allows unauthenticated remote command execution by leveraging a crafted HTTP request with a malformed X-F5-Auth-Token header.

Attack Type

RCE

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

Loading exploit code...

Download ZIP Password: eip

Source

Platform Vulncheck_xdb

Type remote

Files 2

https://github.com/MrCl0wnLab/Nuclei-Template-Exploit-CVE-2022-1388-BIG-IP-iControl-REST

Authors

MrCl0wn

Vulnerability

CVE-2022-1388

F5 BIG-IP iControl RCE via REST Authentication Bypass

CRITICAL KEV

CVSS 9.8