## https://sploitus.com/exploit?id=B38FDF75-522A-5254-9A3F-92C0D7B8CC99
# CVE-2022-1388-POC
BIG-IP iCONTROL REST API AUTH BYPASS / RCE EXPLOIT
BIG-IP RCE 2022
# DETAILS:
The iControl REST API of BIG-IP contains a flaw with a CVSS score of 9.8: sending a (REDACTED) request to the auth backend bypasses authentication,
after which an attacker can execute arbitrary system commands and create or delete files.

# MITIGATION:
https://support.f5.com/csp/article/K23605346
Only 12.x and 11.x will not receive the update (they need manual mitigations).
As advice, block iControl REST access through the self IP.
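
To check the self-IP advice above, the following added example (not part of the original README or of F5's tooling) audits text in the style of `tmsh list net self` output and reports which self IPs still allow HTTPS, the port iControl REST is served on. The stanza layout, the `EXPOSING` set and the sample configuration are assumptions constructed for illustration.

```python
import re

# Entries assumed to expose the HTTPS management/iControl REST port on a self IP.
EXPOSING = {"all", "default", "tcp:443", "tcp:https"}

# Constructed sample in the style of `tmsh list net self` output (not from a real device).
SAMPLE = """\
net self external_self {
    address 203.0.113.10/24
    allow-service {
        default
    }
}
net self internal_self {
    address 10.1.1.5/24
    allow-service {
        tcp:https
        tcp:ssh
    }
}
net self ha_self {
    address 10.1.2.5/24
    allow-service none
}
net self locked_self {
    address 10.1.3.5/24
}
"""

def audit_self_ips(config: str) -> dict:
    """Map each self IP name to the sorted allow-service entries that expose HTTPS."""
    findings = {}
    # Each stanza starts with `net self <name> {` and ends with `}` at column 0.
    for name, body in re.findall(r"^net self (\S+) \{\n(.*?)^\}", config, re.S | re.M):
        block = re.search(r"allow-service \{(.*?)\}", body, re.S)
        inline = re.search(r"allow-service (\S+)$", body, re.M)
        if block:
            services = set(block.group(1).split())
        elif inline:
            services = {inline.group(1)}
        else:
            services = set()  # no allow-service line: treated as "none"
        findings[name] = sorted(services & EXPOSING)
    return findings

if __name__ == "__main__":
    for name, hits in audit_self_ips(SAMPLE).items():
        print(f"{name}: {'EXPOSED via ' + ', '.join(hits) if hits else 'ok'}")
```

Self IPs reported as exposed are the ones to change to a port lockdown setting that no longer allows HTTPS, as described in the F5 article linked above.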
 
# This exploit has been restricted to 3 copies to avoid abuse
The script supports ip/ip-list and is multithreaded.
https://satoshidisk.com/pay/CFMVKB