CVE-2014-3220

F5 BIG-IQ Cloud and Security 4.0.0-4.1.0 - Authenticated Arbitrary Password Change via User Name Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-3220. PoCs published by Brandon Perry.

AI-analyzed exploit summary This Metasploit module exploits CVE-2014-3220 to escalate privileges and change the root password on F5 BIG-IQ v4.1.0.2013.0. It authenticates as a low-privilege user, escalates privileges via a PUT request, and establishes an SSH session with the new root credentials.

Description

F5 BIG-IQ Cloud and Security 4.0.0 through 4.1.0 allows remote authenticated users to change the password of arbitrary users via the name parameter in a request to the user's page in mgmt/shared/authz/users/.

Exploits (1)

exploitdb WORKING POC

by Brandon Perry · rubyremotehardware

https://www.exploit-db.com/exploits/33143

View Code ZIP pw:eip

This Metasploit module exploits CVE-2014-3220 to escalate privileges and change the root password on F5 BIG-IQ v4.1.0.2013.0. It authenticates as a low-privilege user, escalates privileges via a PUT request, and establishes an SSH session with the new root credentials.

Classification

Working Poc 100%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: F5 BIG-IQ v4.1.0.2013.0

Auth required

Prerequisites: Valid low-privilege credentials · Network access to the target · SSH access to the target

MITRE ATT&CK