
Exploit for F5 BIG-IP iControl - REST Auth Bypass RCE (CVE-2022-1388)

Description:

F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, may allow undisclosed requests to bypass iControl REST authentication.

Nuclei Template

View the template: CVE-2022-1388.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2022/CVE-2022-1388.yaml

References:

https://nvd.nist.gov/vuln/detail/CVE-2022-1388
https://support.f5.com/csp/article/K23605346
https://www.horizon3.ai/f5-icontrol-rest-endpoint-authentication-bypass-technical-deep-dive/
https://twitter.com/GossiTheDog/status/1523566937414193153
https://www.secpod.com/blog/critical-f5-big-ip-remote-code-execution-vulnerability-patch-now/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1388