NOMISEC-EvilLizard666/CVE-2022-1388

NOMISEC SCANNER

Exploit for CVE-2022-1388 - F5 BIG-IP iControl RCE via REST Authentication Bypass

AI Analysis

The repository contains a scanner for CVE-2022-1388, an RCE vulnerability in F5 BIG-IP. It checks for vulnerability by sending a crafted POST request to the `/mgmt/tm/util/bash` endpoint on ports 443 and 8443, attempting to execute a command to read `/etc/passwd`.

Attack Type

RCE

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1210 - Exploitation of Remote Services

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type remote

Files 4

https://github.com/EvilLizard666/CVE-2022-1388

Stars 2

Forks 0

Last Push Jan 22, 2023

Authors

EvilLizard666

Vulnerability

CVE-2022-1388

F5 BIG-IP iControl RCE via REST Authentication Bypass

CRITICAL KEV

CVSS 9.8