Exploit for F5 BIG-IP iControl REST vulnerability CVE-2022-1388

Name: Exploit for F5 BIG-IP iControl REST vulnerability CVE-2022-1388
Rating: 5 (12 reviews)

2022-05-13 | CVSS 7.5

## https://sploitus.com/exploit?id=SAINT:8205BD2F42401C0064F30BBAC68F4F90
Added: 05/13/2022  
CVE: [CVE-2022-1388](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1388>)  


### Background

F5 BIG-IP is a suite of network security products. 

### Problem

An authentication bypass vulnerability in the iControl REST service allows remote attackers to execute arbitrary commands. 

### Resolution

Upgrade to one of the fixed versions referenced in [K23605346](<https://support.f5.com/csp/article/K23605346>). 

### References

<https://support.f5.com/csp/article/K23605346>  
<https://www.horizon3.ai/f5-icontrol-rest-endpoint-authentication-bypass-technical-deep-dive/>  


### Platforms

Linux