Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-46747 PoC — BIG-IP Configuration utility unauthenticated remote code execution vulnerability

Source
https://github.com/nvansluis/test_cve-2023-46747
Associated Vulnerability
Title:BIG-IP Configuration utility unauthenticated remote code execution vulnerability (CVE-2023-46747)
Description:Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Readme
Python script to test if a F5 BIG-IP is vulnerable for CVE-2023-46747.
When vulnerable a user account with administrator rights is added.

To mitigate this vulnerability, see: https://my.f5.com/manage/s/article/K000137353
File Snapshot

 [4.0K]  /data/pocs/c8a950bef8966d63d841dc09562030eeb1668fe3
├── [1.0K]  LICENSE
├── [ 222]  README.md
└── [3.3K]  test_cve-2023-46747.py

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →