module
F5 Big-IP Create Admin User
| Disclosed |
|---|
| Nov 16, 2022 |
Disclosed
Nov 16, 2022
Description
This creates a local user with a username/password and root-level
privileges. Note that a root-level account is not required to do this,
which makes it a privilege escalation issue.
Note that this is pretty noisy, since it creates a user account and
creates log files and such. Additionally, most (if not all)
vulnerabilities in F5 grant root access anyways.
Adapted from https://github.com/rbowes-r7/refreshing-mcp-tool/blob/main/mcp-privesc.rb
privileges. Note that a root-level account is not required to do this,
which makes it a privilege escalation issue.
Note that this is pretty noisy, since it creates a user account and
creates log files and such. Additionally, most (if not all)
vulnerabilities in F5 grant root access anyways.
Adapted from https://github.com/rbowes-r7/refreshing-mcp-tool/blob/main/mcp-privesc.rb
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.