GITHUB-Pr0t0c01/CVEs/BigIP_CVE-2022-1388

GITHUB python WORKING POC

Exploit for CVE-2022-1388 - F5 BIG-IP iControl RCE via REST Authentication Bypass

AI Analysis

The repository contains a functional exploit for CVE-2022-1388, an authentication bypass vulnerability in F5 BIG-IP's iControl REST API. It includes a Nuclei template and manual PoC using crafted HTTP requests to achieve RCE via the `/mgmt/tm/util/bash` endpoint.

Attack Type

RCE

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

Loading exploit code...

Download ZIP Password: eip

Source

Platform Github

Type poc

Language python

Files 5

https://github.com/Pr0t0c01/CVEs/tree/main/BigIP_CVE-2022-1388

Stars 2

Forks 1

Last Push Oct 29, 2024

Authors

MrCl0wn Pr0t0c01

Vulnerability

CVE-2022-1388

F5 BIG-IP iControl RCE via REST Authentication Bypass

CRITICAL KEV

CVSS 9.8