module
F5 BIG-IP SSH Private Key Exposure
Disclosed | Created |
---|---|
2012-06-11 | 2018-05-30 |
Disclosed
2012-06-11
Created
2018-05-30
Description
F5 ships a public/private key pair on BIG-IP appliances that allows
passwordless authentication to any other BIG-IP box. Since the key is
easily retrievable, an attacker can use it to gain unauthorized remote
access as root.
passwordless authentication to any other BIG-IP box. Since the key is
easily retrievable, an attacker can use it to gain unauthorized remote
access as root.
Author
egypt egypt@metasploit.com
Platform
Unix
Architectures
cmd
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.