Share
## https://sploitus.com/exploit?id=51F21941-30E2-5FD0-986D-88D74D835300
# CVE-2022-1388
## Impact
This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only.

## Usage
```
./CVE-2022-1388.sh <ip_addr>
```
![Output](output1.png)

## Vulnerable products
- F5 BIG-IP 16.1.0 - 16.1.2
- F5 BIG-IP 15.1.0 - 15.1.5
- F5 BIG-IP 14.1.0 - 14.1.4
- F5 BIG-IP 13.1.0 - 13.1.4
- F5 BIG-IP 12.1.0 - 12.1.6 (will not be fixed)
- F5 BIG-IP 11.6.1 - 11.6.5 (will not be fixed)

## Reference
https://support.f5.com/csp/article/K23605346

https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-1388


## **_Disclaimer_**
> :warning: **Any malicious use of the contents from this repo will not hold the author responsible, the contents are solely for educational purpose.**