Exploitation Summary
EIP tracks 1 public exploit for CVE-2012-2997. PoCs published by anonymous.
AI-analyzed exploit summary This exploit demonstrates an XML External Entity (XXE) injection vulnerability in F5 Networks BIG-IP, allowing attackers to read local files such as /etc/shadow by sending a crafted XML payload to the vulnerable endpoint.
Description
XML External Entity (XXE) vulnerability in sam/admin/vpe2/public/php/server.php in F5 BIG-IP 10.0.0 through 10.2.4 and 11.0.0 through 11.2.1 allows remote authenticated users to read arbitrary files via a crafted XML file.
Exploits (1)
This exploit demonstrates an XML External Entity (XXE) injection vulnerability in F5 Networks BIG-IP, allowing attackers to read local files such as /etc/shadow by sending a crafted XML payload to the vulnerable endpoint.