| Name | f5_bigip_auth_bypass_rce |
| CVE | CVE-2022-1388 |
| Exploit Pack | CANVAS |
| Description | f5_bigip_auth_bypass_rce |
| Notes | CVE Name: CVE-2022-1388 NOTES: CVE-2022-1388 bypasses iControl REST authentication and ultimately allows for arbitrary code execution within the F5 BIG-IP API. Any version proir to BIG-IP 17 is considered vulnerable. Tested against: - F5 BIG-IP v16.1.2 CVE Url: https://nvd.nist.gov/vuln/detail/CVE-2022-1388 CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Date public: 05/05/2022 |
| Learn more about the CANVAS Exploit Pack here: CANVAS |