Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-46747 PoC — BIG-IP Configuration utility unauthenticated remote code execution vulnerability

Source
https://github.com/maniak-academy/Mitigate-CVE-2023-46747
Associated Vulnerability
Title:BIG-IP Configuration utility unauthenticated remote code execution vulnerability (CVE-2023-46747)
Description:Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Readme
# Ansible Playbook to Mitigate CVE-2023-46747

##  K000137353: BIG-IP Configuration utility unauthenticated remote code execution vulnerability CVE-2023-46747
Here is the link  https://my.f5.com/manage/s/article/K000137353

## How to use it

1. Git clone my repo https://github.com/maniak-academy/Mitigate-CVE-2023-46747.git
2. Update the hosts.ini if you bigip information
3. execute the playbook 

```
ansible-playbook -i hosts.ini playbook.yaml   
```


Here is the output.

PLAY [Execute script on F5 BIG-IP] ****************************************************************************************************************

TASK [Copy the script to the BIG-IP] **************************************************************************************************************
changed: [172.16.10.31]
changed: [172.16.10.30]

TASK [Execute the script on the BIG-IP] ***********************************************************************************************************
changed: [172.16.10.30]
changed: [172.16.10.31]

TASK [Save script output messages] ****************************************************************************************************************
ok: [172.16.10.30]
ok: [172.16.10.31]

TASK [Aggregate script output messages on localhost] **********************************************************************************************
ok: [172.16.10.30 -> localhost] => (item=Applying ID1378329 mitigation...)
ok: [172.16.10.30 -> localhost] => (item=Restarting httpd...)
ok: [172.16.10.31 -> localhost] => (item=Applying ID1378329 mitigation...)
)k: [172.16.10.30 -> localhost] => (item=Stopping httpd: [  OK  ]
ok: [172.16.10.31 -> localhost] => (item=Restarting httpd...)
)k: [172.16.10.30 -> localhost] => (item=Starting httpd: [  OK  ]
)k: [172.16.10.31 -> localhost] => (item=Stopping httpd: [  OK  ]
)k: [172.16.10.31 -> localhost] => (item=Starting httpd: [  OK  ]
ok: [172.16.10.30 -> localhost] => (item=Restarting tomcat...)
ok: [172.16.10.30 -> localhost] => (item=Done!)
ok: [172.16.10.31 -> localhost] => (item=Restarting tomcat...)
ok: [172.16.10.31 -> localhost] => (item=Done!)
File Snapshot

 [4.0K]  /data/pocs/9eaf5e1adb403b48044c036abc89203b17fb5a94
├── [  36]  ansible.cfg
├── [ 186]  hosts.ini
├── [4.0K]  mitigation.sh
├── [1.8K]  playbook.yaml
└── [2.1K]  README.md

0 directories, 5 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →