NOMISEC-gotr00t0day/CVE-2022-1388

NOMISEC SCANNER

Exploit for CVE-2022-1388 - F5 BIG-IP iControl RCE via REST Authentication Bypass

AI Analysis

This repository contains a scanner for CVE-2022-1388, which exploits an authentication bypass in F5 BIG-IP's iControl REST API to execute arbitrary commands. The script uses Shodan to find potential targets and attempts to verify vulnerability by sending a test command.

Attack Type

RCE

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type remote

Files 2

https://github.com/gotr00t0day/CVE-2022-1388

Stars 5

Forks 0

Last Push Apr 30, 2024

Authors

gotr00t0day c0deninja

Vulnerability

CVE-2022-1388

F5 BIG-IP iControl RCE via REST Authentication Bypass

CRITICAL KEV

CVSS 9.8