CVE-2022-41622

Published: 07/12/2022 Updated: 07/11/2023
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 0

Vulnerability Summary

In all versions, BIG-IP and BIG-IQ are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Vulnerable Product

f5 big-iq centralized management 7.1.0

f5 big-iq centralized management

f5 big-ip advanced firewall manager 17.0.0

f5 big-ip advanced firewall manager

f5 big-ip analytics 17.0.0

f5 big-ip analytics

f5 big-ip access policy manager 17.0.0

f5 big-ip access policy manager

f5 big-ip application security manager 17.0.0

f5 big-ip application security manager

f5 big-ip domain name system 17.0.0

f5 big-ip domain name system

f5 big-ip fraud protection service 17.0.0

f5 big-ip fraud protection service

f5 big-ip global traffic manager 17.0.0

f5 big-ip global traffic manager

f5 big-ip link controller 17.0.0

f5 big-ip link controller

f5 big-ip local traffic manager 17.0.0

f5 big-ip local traffic manager

f5 big-ip policy enforcement manager 17.0.0

f5 big-ip policy enforcement manager

f5 big-ip application acceleration manager 17.0.0

f5 big-ip application acceleration manager

Exploits

This Metasploit module creates a local user with a username/password and root-level privileges. Note that a root-level account is not required to do this, which makes it a privilege escalation issue. Note that this is pretty noisy, since it creates a user account and creates log files and such. Additionally, most (if not all) vulnerabilities in F5 ...
This Metasploit module exploits a cross-site request forgery (CSRF) vulnerability in F5 Big-IP's iControl interface to write an arbitrary file to the filesystem. While any file can be written to any location as root, the exploitability is limited by SELinux; the vast majority of writable locations are unavailable. By default, we write to a script t ...
This Metasploit module exploits a newline injection into an RPM rpmspec file that permits authenticated users to remotely execute commands. Successful exploitation results in remote code execution as the root user ...
This module exploits a cross-site request forgery (CSRF) vulnerability in F5 Big-IP's iControl interface to write an arbitrary file to the filesystem. While any file can be written to any location as root, the exploitability is limited by SELinux; the vast majority of writable locations are unavail ...

Metasploit Modules

F5 BIG-IP iControl CSRF File Write SOAP API

This module exploits a cross-site request forgery (CSRF) vulnerability in F5 Big-IP's iControl interface to write an arbitrary file to the filesystem. While any file can be written to any location as root, the exploitability is limited by SELinux; the vast majority of writable locations are unavailable. By default, we write to a script that executes at reboot, which means the payload will execute the next time the server boots. An alternate target - Login - will add a backdoor that executes the next time a user logs in interactively. This overwrites a file, but we restore it when we get a session. Note that because this is a CSRF vulnerability, it starts a web server, but an authenticated administrator must visit the site, which redirects them to the target.

msf > use exploit/linux/http/f5_icontrol_soap_csrf_rce_cve_2022_41622
msf exploit(f5_icontrol_soap_csrf_rce_cve_2022_41622) > show targets
    ...targets...
msf exploit(f5_icontrol_soap_csrf_rce_cve_2022_41622) > set TARGET <target-id>
msf exploit(f5_icontrol_soap_csrf_rce_cve_2022_41622) > show options
    ...show and set options...
msf exploit(f5_icontrol_soap_csrf_rce_cve_2022_41622) > exploit