CVE-2021-22986

Published: 31/03/2021 Updated: 12/07/2022
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, and 12.1.x prior to 12.1.5.3, and BIG-IQ 7.1.0.x prior to 7.1.0.3 and 7.0.0.x prior to 7.0.0.2, the iControl REST interface has an unauthenticated remote command execution vulnerability. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.

Vulnerability Trend

Vulnerable Products

f5 big-ip access policy manager

f5 big-ip advanced firewall manager

f5 big-ip application acceleration manager

f5 big-ip analytics

f5 big-ip application security manager

f5 big-ip domain name system

f5 big-ip global traffic manager

f5 big-ip fraud protection service

f5 big-ip link controller

f5 big-ip advanced web application firewall

f5 big-ip ddos hybrid defender

f5 big-ip local traffic manager

f5 big-ip policy enforcement manager

f5 big-iq centralized management

f5 ssl orchestrator

Exploits

F5 BIG-IP version 16.0.x suffers from an iControl REST remote code execution vulnerability ...
This Metasploit module exploits a pre-authentication server-side request forgery vulnerability in the F5 iControl REST API's /mgmt/shared/authn/login endpoint to generate an X-F5-Auth-Token that can be used to execute root commands on an affected BIG-IP or BIG-IQ device ...
This module exploits a pre-auth SSRF in the F5 iControl REST API's /mgmt/shared/authn/login endpoint to generate an X-F5-Auth-Token that can be used to execute root commands on an affected BIG-IP or BIG-IQ device. This vulnerability is known as CVE-2021-22986. CVE-2021-22986 affects the following BIG-IP vers ...

Metasploit Modules

F5 iControl REST Unauthenticated SSRF Token Generation RCE

This module exploits a pre-auth SSRF in the F5 iControl REST API's /mgmt/shared/authn/login endpoint to generate an X-F5-Auth-Token that can be used to execute root commands on an affected BIG-IP or BIG-IQ device. This vulnerability is known as CVE-2021-22986.

CVE-2021-22986 affects the following BIG-IP versions:
* 12.1.0 - 12.1.5
* 13.1.0 - 13.1.3
* 14.1.0 - 14.1.3
* 15.1.0 - 15.1.2
* 16.0.0 - 16.0.1

And the following BIG-IQ versions:
* 6.0.0 - 6.1.0
* 7.0.0
* 7.1.0

Tested against BIG-IP Virtual Edition 16.0.1 in VMware Fusion.

msf > use exploit/linux/http/f5_icontrol_rest_ssrf_rce
msf exploit(f5_icontrol_rest_ssrf_rce) > show targets
    ...targets...
msf exploit(f5_icontrol_rest_ssrf_rce) > set TARGET < target-id >
msf exploit(f5_icontrol_rest_ssrf_rce) > show options
    ...show and set options...
msf exploit(f5_icontrol_rest_ssrf_rce) > exploit

Github Repositories

CVE-2022-1388 F5 BIG-IP RCE batch detection

F5 BIG-IP RCE Check. check: CVE-2022-1388 F5 BIG-IP RCE batch detection. exp: Note: the exp was adapted from CVE-2021-22986!

This system automates penetration testing of web middleware and web frameworks: it collects assets automatically according to the scan options and then runs POC scans; during a POC scan, POC plugins are selected by fingerprint, and POC plugin scans run asynchronously. The front end uses Vue and the back end uses Python FastAPI.

临兵 vulnerability scanning system. Usage instructions: change the encryption key; change the AES key; change the RSA key; package the Vue source code (in the vue_src directory); Ubuntu deployment; CentOS deployment; deploy from a self-built Docker file; configuration; build the image (in the project root directory); start the container (in the project root directory); pull the image from Docker Hub; access; interface. CHANGELOG [v10] 2020228 [v11] 2020728 [v12] 2020812 [v

CVE-2021-22986 & F5 BIG-IP RCE

Vuln Impact: This vulnerability allows for unauthenticated attackers with network access to the iControl REST interface, through the BIG-IP management interface and self IP addresses, to execute arbitrary system commands, create or delete files, and disable services. This vulnerability can only be exploited through the control plane and cannot be exploited through the data plane.

cve-2021-22986 f5 rce vulnerability batch detection poc

Usage: python3 f5_rce.py -u <target URL> -f <batch detection file> -c <command to execute> -s/--ssrf (obtain a token via SSRF and execute the command). The result looks like this: python3 f5_rce.py -u 127.0.0.1 --ssrf; after running commands, type exit to quit. PS: the output is not pretty; I will fix it 😁 Follow-up updates: fixed some

CVE-2022-1388 is an authentication bypass vulnerability in the REST component of BIG-IP’s iControl API that was assigned a CVSSv3 score of 9.8. The iControl REST API is used for the management and configuration of BIG-IP devices. CVE-2022-1388 could be exploited by an unauthenticated attacker with network access to the management port or self IP…

Nuclei Template Exploit F5 BIG-IP iControl REST Auth Bypass RCE | Command Parameter. CVE-2022-1388 is an authentication bypass vulnerability in the REST component of BIG-IP's iControl API that was assigned a CVSSv3 score of 9.8. The iControl REST API is used for the management and configuration of BIG-IP devices. CVE-2022-1388 could be exploited by an unauthenticated attac

A vulnerability scanner that detects CVE-2021-22986 vulnerabilities.

westone-CVE-2021-22986-scanner

This is a Poc for BIGIP iControl unauth RCE

CVE-2021-22986-Poc. This is a Poc for BIGIP iControl unauth RCE. POC:
~ curl -ksu admin:[redacted] 192.168.123.134/mgmt/tm/access/bundle-install-tasks -d '{"filePath":"id"}' | jq
curl -ksu : 192.168.123.134/mgmt/shared/authn/login -d '{"bigipAuthCookie":"","loginReference":{"link":"h

Code By:Tas9er / F5 BIG-IP remote command execution vulnerability

F5 BIG-IP RCE / CVE-2021-22986 remote code execution vulnerability. Code By:Tas9er. Warning: this tool is intended to help enterprises quickly locate and fix the vulnerability; it is for authorized security testing only, in strict compliance with the Cybersecurity Law of the People's Republic of China; unauthorized illegal attacks on sites are prohibited. Authorized test case: collect the enterprise's authorized security test targets into url.txt, run java -jar CVE-2021-22986.jar, and wait for the program to finish.

CVE-2021-22986. This is a simple script to determine whether an IP is vulnerable to this CVE from a mass of IP addresses. For finding mass IP addresses use the shodan or zoomeye CLI. Save all the IPs in a file named "testips.txt".

CVE-2021-22986. This vulnerability allows for unauthenticated attackers with network access to the iControl REST interface, through the BIG-IP management interface and self IP addresses, to execute arbitrary system commands, create or delete files, and disable services. This vulnerability can only be exploited through the control plane and cannot be exploited through the data pl

F5 BIG-IP remote code execution; cve-2021-22986, batch detection; command execution exploitation

F5 BIG-IP remote command execution vulnerability (CVE-2021-22986). Affected versions: F5 BIG-IP 16x: 16103; F5 BIG-IP 15x: 15104; F5 BIG-IP 14x: 14126; F5 BIG-IP 13x: 13134; F5 BIG-IP 12x: 12152; F5 BIG-IP 11x: 11652. fofa icon_hash="-335242539". POC: POST /mgmt/tm/util/bash HTTP/1.1 Host: xxxxxxxxxxxx:8443 Connection: close Content-Length: 41 Cache-Control: max-age=

Hourly updated database of exploit and exploitation reports

Use the verified, up-to-date data of inthewild.io directly; everything is free to use (Apache 2.0). inTheWild is a community driven database and platform to help your vulnerability triage. If you just need the exploitation information, don't waste your time here, hit inthewild.io/api/exploited. This export includes all vulnerability data, exploits and exploitation reports. You c

Modsecurity-Rules. Some custom Modsecurity rules. Use at your own responsibility. It is recommended to test them (change action to pass) and evaluate possible false positives in your environment before applying any disruptive action. CVE-2021-27065 Modsecurity rule for Exchange RCE. It is recommended to test it before (keeping the action pass) to evaluate possible false positi

F5 BIG-IP/BIG-IQ iControl Rest API SSRF to RCE

CVE-2021-22986 F5 BIG-IP/BIG-IQ iControl Rest API SSRF to RCE. Usage: python CVE-2021-22986.py <127.0.0.1:443>

CVE-2021-22986 F5 BIG-IP iControl command execution vulnerability

Usage: python3 f5_rce.py -u <target URL> -f <batch detection file> -c <command to execute>. The result looks like this: PS: the output is not pretty; I will fix it 😁 Issues: this poc currently supports only some commands; history, ls and similar commands fail for unknown reasons. Follow-up updates: fixed some command execution error cases; regex matching and prettier output; update other p

临兵 vulnerability scanning system: change the encryption key; change the AES key; change the RSA key; package the Vue source code (in the vue_src directory); Ubuntu deployment (strongly recommended): set a domestic (China) package mirror, install dependencies, set python3.8 as python3, install the Python 3 dependency libraries; nginx: start nginx, add the nginx user, configure; mariadb: start mariadb, set the mariadb password (password is the password you want to set); redis: configure redis, start redis

CVE-2021-22986 Checker Script in Python3

CVE-2021-22986_Check. CVE-2021-22986 Checker Script in Python3. How to Use: python3 checker.py -u url. Output: HOST IS NOT VULNERABLE: (ASCII art banner)

CVE-2020-5902 CVE-2021-22986 CVE-2022-1388 POC collection

F5-BIG-IP POC, written in Go: a collection of POCs for CVE-2020-5902, CVE-2021-22986 and CVE-2022-1388; other F5 POCs will be added later. author:160teamwest9B. For use only by security researchers with authorization, in compliance with the Cybersecurity Law; any problems that arise are your own responsibility and unrelated to the author. 01 - Basic introduction. F5 POC collection: CVE-2020-5902: F5 BIG-IP remote code execution vulnerability; CVE-2021-22986: F5 BIG-IP iC

F5-BIG-IP-TOOLS. Tool overview: a quick exploitation tool for the F5 family of vulnerabilities; beginner code, issues welcome. Usage: -u url: your target, example: 192.168.1.1; -c command to eval: your command to eval, example: id; -v: the vul to use, options: cve-2022-1388 cve-2021-22986 cve-2020-5902; -m: only used with cve-2020-5902, options: fileRead userList dirList

Vulnerability and asset intelligence collection

Vulnerability intelligence collection: MySQL client JDBC deserialization vulnerability; CVE-2021-22986; multiple XStream high-risk vulnerabilities; sudo local privilege escalation vulnerability (CVE-2021-3156); Sangfor SSL-VPN code injection; Microsoft March 2021 Patch Tuesday vulnerability advisory; VMware multiple high-risk vulnerabilities advisory; SAP Solution Manager EemAdmin remote code execution vulnerability (CVE-2020-6207); JumpServer remote command execution vulnerability. Asset collection: asset collection-

Recent Articles

Now it is F5’s turn to reveal critical security bugs – and the Feds were quick to sound the alarm on these BIG-IP flaws
The Register • Simon Sharwood, APAC Editor • 11 Mar 2021

Remote code execution, denial of service, API abuse possible. Meanwhile, FBI pegs China for Exchange hacks.

Security and automation vendor F5 has warned of seven patch-ASAP-grade vulnerabilities in its Big-IP network security and traffic-grooming products, plus another 14 vulns worth fixing. An advisory dated today lists seven CVEs, four rated critical. Most of the bugs concern TMUI – the Traffic Management User Interface that users work with to drive F5 products – and they can be exploited to achieve remote code execution, denial of service attacks, or complete device takeovers; sometimes all thr...

LockBit victims in the US alone paid over $90m in ransoms since 2020
The Register

As America, UK, Canada, Australia and friends share essential bible to detect and thwart infections

Seven nations today issued an alert, plus protection tips, about LockBit, the prolific ransomware-as-a-service gang. The group's affiliates remain a global scourge, costing US victims alone more than $90 million from roughly 1,700 attacks since 2020, we're told. The joint security advisory — issued by the US Cybersecurity and Infrastructure Security Agency (CISA), FBI, Multi-State Information Sharing and Analysis Center (MS-ISAC), and cybersecurity authorities in Australia, Canada, the UK, Ge...