F5 BIG-IP iControl Remote Code Execution
Posted by deepcore on May 13, 2022 – 6:06 am
This Metasploit module exploits an authentication bypass vulnerability in the F5 BIG-IP iControl REST service to gain access to the admin account, which is capable of executing commands through the /mgmt/tm/util/bash endpoint. Successful exploitation results in remote code execution as the root user.
Post a reply
You must be logged in to post a comment.