NOMISEC-west9b/F5-BIG-IP-POC

NOMISEC WORKING POC

Exploit for CVE-2022-1388 - F5 BIG-IP iControl RCE via REST Authentication Bypass

AI Analysis

This repository contains a Go-based PoC for multiple F5 BIG-IP vulnerabilities, including CVE-2022-1388, which allows authentication bypass and remote command execution. The code sends crafted HTTP requests to exploit the vulnerabilities and checks for successful execution.

Attack Type

RCE | auth_bypass

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type remote

Files 7

https://github.com/west9b/F5-BIG-IP-POC

Stars 10

Forks 2

Last Push Jul 30, 2022

Authors

west9b 160team.west9B

Vulnerability

CVE-2022-1388

F5 BIG-IP iControl RCE via REST Authentication Bypass

CRITICAL KEV

CVSS 9.8