CVE-2022-1388

CVSS 9.8 CRITICAL · EPSS 100.0% · KEV · CWE-306

In brief

F5 BIG-IP devices running certain software versions allow attackers to bypass iControl REST API authentication, gaining unauthorized access to critical system-management functions without valid credentials.

Technical detail

CWE-306 (Missing Authentication Check): Unauthenticated requests to iControl REST on vulnerable BIG-IP versions bypass the authentication mechanisms, allowing remote attackers direct access to administrative functions. Affected versions include 16.1.x (<16.1.2.2), 15.1.x (<15.1.5.1), 14.1.x (<14.1.4.6), 13.1.x (<13.1.5) and all 12.1.x and 11.6.x versions. The impact includes complete compromise of the device and manipulation of its configuration.

Summary generated and translated by AI from the official description.
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
F5 · BIG-IP
Public PoCs found: 69 (source · URL · count)

github · github.com/horizon3ai/CVE-2022-1388 · 230
github · github.com/doocop/CVE-2022-1388-EXP · 93
github · github.com/alt3kx/CVE-2022-1388_PoC · 87
github · github.com/0xf4n9x/CVE-2022-1388 · 83
github · github.com/ZephrFish/F5-CVE-2022-1388-Exploit · 59
github · github.com/sherlocksecurity/CVE-2022-1388-Exploit-POC · 58
github · github.com/numanturle/CVE-2022-1388 · 53
github · github.com/Al1ex/CVE-2022-1388 · 37
github · github.com/MrCl0wnLab/Nuclei-Template-CVE-2022-1388-BIG-IP-iControl-REST-Exposed · 28
github · github.com/jheeree/CVE-2022-1388-checker · 25
github · github.com/PsychoSec2/CVE-2022-1388-POC · 14
github · github.com/justakazh/CVE-2022-1388 · 13
github · github.com/Zeyad-Azima/CVE-2022-1388 · 12
github · github.com/west9b/F5-BIG-IP-POC · 10
github · github.com/Henry4E36/CVE-2022-1388 · 8
github · github.com/qusaialhaddad/F5-BigIP-CVE-2022-1388 · 7
github · github.com/vaelwolf/CVE-2022-1388 · 7
github · github.com/blind-intruder/CVE-2022-1388-RCE-checker-and-POC-Exploit · 7
github · github.com/gotr00t0day/CVE-2022-1388 · 7
github · github.com/MrCl0wnLab/Nuclei-Template-Exploit-F5-BIG-IP-iControl-REST-Auth-Bypass-RCE-Command-Parameter · 6
github · github.com/0x7eTeam/CVE-2022-1388-PocExp · 6
github · github.com/Vulnmachines/F5-Big-IP-CVE-2022-1388 · 6
github · github.com/Angus-Team/F5-BIG-IP-RCE-CVE-2022-1388 · 5
github · github.com/Stonzyy/Exploit-F5-CVE-2022-1388 · 5
github · github.com/AmirHoseinTangsiriNET/CVE-2022-1388-Scanner · 5
github · github.com/bandit92/CVE2022-1388_TestAPI · 4
github · github.com/revanmalang/CVE-2022-1388 · 3
github · github.com/nvk0x/CVE-2022-1388-exploit · 3
github · github.com/aancw/CVE-2022-1388-rs · 2
github · github.com/SecTheBit/CVE-2022-1388 · 2
github · github.com/savior-only/CVE-2022-1388 · 2
github · github.com/saucer-man/CVE-2022-1388 · 2
github · github.com/superzerosec/CVE-2022-1388 · 2
github · github.com/EvilLizard666/CVE-2022-1388 · 2
github · github.com/devengpk/CVE-2022-1388 · 2
github · github.com/chesterblue/CVE-2022-1388 · 1
github · github.com/LinJacck/CVE-2022-1388-EXP · 1
github · github.com/iveresk/cve-2022-1388-1veresk · 1
github · github.com/shamo0/CVE-2022-1388 · 1
github · github.com/vesperp/CVE-2022-1388-F5-BIG-IP · 1
github · github.com/thatonesecguy/CVE-2022-1388-Exploit · 1
github · github.com/0xAgun/CVE-2022-1388 · 1
github · github.com/yukar1z0e/CVE-2022-1388 · 1
github · github.com/iveresk/cve-2022-1388-iveresk-command-shell · 1
github · github.com/Chocapikk/CVE-2022-1388 · 1
github · github.com/Luchoane/CVE-2022-1388_refresh · 1
github · github.com/ThinkingOffensively/CVE-2022-1388 · 1
github · github.com/amitlttwo/CVE-2022-1388 · 1
github · github.com/j-baines/tippa-my-tongue · 1
github · github.com/nico989/CVE-2022-1388 · 1
github · github.com/pauloink/CVE-2022-1388 · 0
github · github.com/Osyanina/westone-CVE-2022-1388-scanner · 0
github · github.com/sashka3076/F5-BIG-IP-exploit · 0
github · github.com/li8u99/CVE-2022-1388 · 0
github · github.com/jbharucha05/CVE-2022-1388 · 0
github · github.com/omnigodz/CVE-2022-1388 · 0
github · github.com/impost0r/CVE-2022-1388 · 0
github · github.com/M4fiaB0y/CVE-2022-1388 · 0
github · github.com/mr-vill4in/CVE-2022-1388 · 0
github · github.com/On-Cyber-War/CVE-2022-1388 · 0
github · github.com/r0otk3r/CVE-2022-1388 · 0
github · github.com/SudeepaShiranthaka/F5-BIG-IP-Remote-Code-Execution-Vulnerability-CVE-2022-1388-A-Case-Study · 0
github · github.com/Hudi233/CVE-2022-1388 · 0
github · github.com/battleofthebots/refresh · 0
github · github.com/Wrin9/CVE-2022-1388 · 0
exploitdb · www.exploit-db.com/exploits/50932 · unverified
cve_reference · packetstormsecurity.com/files/167007/F5-BIG-IP-Remote-Code-Execution.html · unverified
cve_reference · packetstormsecurity.com/files/167118/F5-BIG-IP-16.0.x-Remote-Code-Execution.html · unverified
cve_reference · packetstormsecurity.com/files/167150/F5-BIG-IP-iControl-Remote-Code-Execution.html · unverified
⚠ Public resources, for assessing the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know whether your infrastructure is exposed to this?

Talk to TrueHacking →