CVE-2022-1388 PoC — F5 BIG-IP 访问控制错误漏洞

Source

https://github.com/jbharucha05/CVE-2022-1388

Associated Vulnerability

Title:F5 BIG-IP 访问控制错误漏洞 (CVE-2022-1388)
Description:On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Description

CVE-2022-1388, bypassing iControl REST authentication

Readme

# CVE-2022-1388
## Impact
This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only.

## Usage
```
./CVE-2022-1388.sh <ip_addr>
```
![Output](output1.png)

## Vulnerable products
- F5 BIG-IP 16.1.0 - 16.1.2
- F5 BIG-IP 15.1.0 - 15.1.5
- F5 BIG-IP 14.1.0 - 14.1.4
- F5 BIG-IP 13.1.0 - 13.1.4
- F5 BIG-IP 12.1.0 - 12.1.6 (will not be fixed)
- F5 BIG-IP 11.6.1 - 11.6.5 (will not be fixed)

## Reference
https://support.f5.com/csp/article/K23605346

https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-1388


## **_Disclaimer_**
> :warning: **Any malicious use of the contents from this repo will not hold the author responsible, the contents are solely for educational purpose.**

File Snapshot

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!