F5 iControl REST Unauthenticated SSRF Token Generation RCE
| Disclosed |
|---|
| Mar 10, 2021 |
Description
This module exploits a pre-auth SSRF in the F5 iControl REST API's
/mgmt/shared/authn/login endpoint to generate an X-F5-Auth-Token that
can be used to execute root commands on an affected BIG-IP or BIG-IQ
device. This vulnerability is known as CVE-2021-22986.
CVE-2021-22986 affects the following BIG-IP versions:
* 12.1.0 - 12.1.5
* 13.1.0 - 13.1.3
* 14.1.0 - 14.1.3
* 15.1.0 - 15.1.2
* 16.0.0 - 16.0.1
And the following BIG-IQ versions:
* 6.0.0 - 6.1.0
* 7.0.0
* 7.1.0
Tested against BIG-IP Virtual Edition 16.0.1 in VMware Fusion.
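The affected-version lists above are what a defender needs most: a way to tell, from an asset inventory, which BIG-IP and BIG-IQ hosts fall into a range the module targets. The following Ruby script is an added example written for this page; it is not part of the Metasploit module or of F5's advisory. It encodes the ranges exactly as listed above, tolerates the "16.0.1 Build 0.0.3" and "16.0.1-0.0.3" reporting styles (an assumed input format), and reports the hosts of a constructed sample inventory that fall inside a listed range. Anything outside the listed ranges is reported only as "not in an affected range", which is all the page supports.

```ruby
# Added example, not part of the Metasploit module or F5's advisory.
# Checks a BIG-IP / BIG-IQ version string against the ranges listed above as
# affected by CVE-2021-22986 and reports which inventory entries need attention.
require 'rubygems' # Gem::Version; loaded by default, made explicit here

# Inclusive [low, high] ranges copied from the affected-version list on this page.
AFFECTED_RANGES = {
  'BIG-IP' => [
    %w[12.1.0 12.1.5],
    %w[13.1.0 13.1.3],
    %w[14.1.0 14.1.3],
    %w[15.1.0 15.1.2],
    %w[16.0.0 16.0.1]
  ],
  'BIG-IQ' => [
    %w[6.0.0 6.1.0],
    %w[7.0.0 7.0.0],
    %w[7.1.0 7.1.0]
  ]
}.freeze

# Reduce a reported version to its dotted numeric core. Anything after the first
# space or hyphen (a "Build 0.0.3" or "-0.0.3" suffix; assumed formats) is dropped
# on purpose: Gem::Version treats a hyphenated suffix as a pre-release and would
# sort "16.0.1-0.0.3" *below* 16.0.1, misclassifying the host as unaffected.
# Returns nil for strings that are not a version at all.
def parse_version(str)
  core = str.to_s.strip.split(/[\s-]/, 2).first.to_s
  return nil if core.empty?
  Gem::Version.new(core)
rescue ArgumentError
  nil
end

# True when the product/version pair falls inside one of the listed ranges.
# Unknown products and unparseable versions are reported as not affected rather
# than raising, so the caller can still triage the rest of the inventory.
def affected_by_cve_2021_22986?(product, version)
  ranges = AFFECTED_RANGES[product]
  return false unless ranges
  v = parse_version(version)
  return false unless v
  ranges.any? { |lo, hi| v >= Gem::Version.new(lo) && v <= Gem::Version.new(hi) }
end

# Returns the host names from an inventory (array of {host:, product:, version:})
# whose versions fall in an affected range, in inventory order.
def affected_hosts(inventory)
  inventory.select { |e| affected_by_cve_2021_22986?(e[:product], e[:version]) }
           .map { |e| e[:host] }
end

# Constructed sample inventory; host names and versions are made up for illustration.
SAMPLE_INVENTORY = [
  { host: 'lb-edge-01.example.internal', product: 'BIG-IP', version: '16.0.1' },
  { host: 'lb-edge-02.example.internal', product: 'BIG-IP', version: '15.1.3' },
  { host: 'lb-dc-03.example.internal',   product: 'BIG-IP', version: '14.1.2 Build 0.0.5' },
  { host: 'bigiq-01.example.internal',   product: 'BIG-IQ', version: '7.0.0' },
  { host: 'bigiq-02.example.internal',   product: 'BIG-IQ', version: '7.1.0.3' },
  { host: 'proxy-09.example.internal',   product: 'NGINX',  version: '1.18.0' }
].freeze

if __FILE__ == $PROGRAM_NAME
  affected_hosts(SAMPLE_INVENTORY).each do |h|
    puts "#{h}: version is in a CVE-2021-22986 affected range"
  end
end
```

Run it directly to list the three sample hosts that fall in a listed range. A version that parses but lies outside every range (15.1.3, 7.1.0.3) is simply not flagged; the script does not claim such a version is fixed, since the page only states which ranges are affected.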