Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager CVE-2022-1388

Name: Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager CVE-2022-1388
Rating: 5 (63 reviews)

2022-05-11 | CVSS 7.5

## https://sploitus.com/exploit?id=28F29C06-FF69-5E55-A2FB-581179E3923A
# CVE-2022-1388
This repository conssists of the python exploit code for CVE-2022-1388( F5's BIG-IP RCE) 

usage: exploit.py [-h] -t TARGET -p PORT -c CMD [--ssl]

options:\
  -h, --help            show this help message and exit\
  -t TARGET, --target TARGET
                        Specify the IP Address/Domain Name of the vulnerable server\
  -p PORT, --port PORT  Specify port number of the vulnerable server\
  -c CMD, --cmd CMD     Specify the command that you want to execute\
  --ssl                 Specify this optional argument if the server uses ssl
  
  Example -
  For a webserber that uses HTTPS and runs on port 8443 at 192.168.0.13\
  ./exploit.py -t 192.168.0.13 -p 8443 -c 'id' --ssl
  
  For a webserver that uses HTTP and runs on port 1346 at 192.168.0.13\
  ./exploit.py -t 192.168.0.13 -p 1346 -c 'id'