F5 iControl REST Endpoint Authentication Bypass Technical Deep Dive

F5 iControl REST Endpoint Authentication Bypass Technical Deep Dive

Introduction F5 recently patched a critical vulnerability in their BIG-IP iControl REST endpoint CVE-2022-1388. This vulnerability is particularly worrisome for users because it is simple to exploit and provides an attacker with a method to execute arbitrary system commands. POC Let’s examine the…