F5 BIG-IP iControl Cross Site Request Forgery
This Metasploit module exploits a cross-site request forgery (CSRF) vulnerability in F5 Big-IP's iControl interface to write an arbitrary file
to the filesystem. While any file can be written to any location as root,
the exploitability is limited by SELinux; the vast majority of writable locations are unavailable. By default, we write to a script that executes
at reboot, which means the payload will execute the next time the server
boots. An alternate target - Login - will add a backdoor that executes
next time a user logs in interactively. This overwrites a file, but we
restore it when we get a session Note that because this is a CSRF vulnerability, it starts a web server, but an authenticated administrator
must visit the site, which redirects them to the target.
https://packetstormsecurity.com/files/169967/f5_icontrol_soap_csrf_rce_cve_2022 _41622.rb.txt
Mon, 21 Nov 2022 16:14:27 GMT
________________________________
--- The information is for inforamtional purposes only.
* Origin: Read us with
http://winpoint.org JID:
rs@captflint.com