NOMISEC-bandit92/CVE2022-1388_TestAPI

NOMISEC WORKING POC

Exploit for CVE-2022-1388 - F5 BIG-IP iControl RCE via REST Authentication Bypass

AI Analysis

This repository provides a test API to simulate the vulnerability described in CVE-2022-1388, which allows remote command execution via the F5 BIG-IP management interface. The main.py file implements a FastAPI endpoint that mimics the vulnerable endpoint and executes bash commands provided in the request.

Attack Type

RCE

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1203 - Exploitation for Client Execution

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type poc

Files 5

https://github.com/bandit92/CVE2022-1388_TestAPI

Stars 4

Forks 2

Last Push May 10, 2022

Authors

bandit92

Vulnerability

CVE-2022-1388

F5 BIG-IP iControl RCE via REST Authentication Bypass

CRITICAL KEV

CVSS 9.8