CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-05-28 19:41:33 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
efebdd4f2d72a3494ec92163e9e88e00a3646b8a
CVEs-PoC/2021/CVE-2021-22986.md
T
0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00

138 lines
6.8 KiB
Markdown
Raw Blame History

### [CVE-2021-22986](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22986)
![](https://img.shields.io/static/v1?label=Product&message=BIG-IP%3B%20BIG-IQ&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=BIG-IP%2016.0.x%20before%2016.0.1.1%2C%2015.1.x%20before%2015.1.2.1%2C%2014.1.x%20before%2014.1.4%2C%2013.1.x%20before%2013.1.3.6%2C%2012.1.x%20before%2012.1.5.3%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=BIG-IQ%207.1.0.x%20before%207.1.0.3%2C%207.0.0.x%20before%207.0.0.2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Command%20Execution&color=brightgreen)
### Description
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3 amd BIG-IQ 7.1.0.x before 7.1.0.3 and 7.0.0.x before 7.0.0.2, the iControl REST interface has an unauthenticated remote command execution vulnerability. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.
### POC
#### Reference
- http://packetstormsecurity.com/files/162059/F5-iControl-Server-Side-Request-Forgery-Remote-Command-Execution.html
- http://packetstormsecurity.com/files/162066/F5-BIG-IP-16.0.x-Remote-Code-Execution.html
#### Github
- https://github.com/0day404/vulnerability-poc
- https://github.com/189569400/Meppo
- https://github.com/1n7erface/PocList
- https://github.com/20142995/Goby
- https://github.com/20142995/nuclei-templates
- https://github.com/20142995/sectool
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/Al1ex/CVE-2021-22986
- https://github.com/AnonymouID/POC
- https://github.com/ArrestX/--POC
- https://github.com/Astrogeorgeonethree/Starred
- https://github.com/Astrogeorgeonethree/Starred2
- https://github.com/Atem1988/Starred
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/Coldplay1517/Middleware-Vulnerability-detection-master
- https://github.com/DDestinys/CVE-2021-22986
- https://github.com/DNTYO/F5_Vulnerability
- https://github.com/Drajoncr/AttackWebFrameworkTools
- https://github.com/EdgeSecurityTeam/Vulnerability
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/Ghebriou/platform_pfe
- https://github.com/GhostTroops/TOP
- https://github.com/HimmelAward/Goby_POC
- https://github.com/Holyshitbruh/2022-2021-F5-BIG-IP-IQ-RCE
- https://github.com/Holyshitbruh/2022-2021-RCE
- https://github.com/KayCHENvip/vulnerability-poc
- https://github.com/Matsumoto138/Injaction-Attacks
- https://github.com/Miraitowa70/POC-Notes
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/MrCl0wnLab/Nuclei-Template-Exploit-F5-BIG-IP-iControl-REST-Auth-Bypass-RCE-Command-Parameter
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/NyxAzrael/Goby_POC
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/Osyanina/westone-CVE-2021-22986-scanner
- https://github.com/ReAbout/audit-java
- https://github.com/S1xHcL/f5_rce_poc
- https://github.com/S3cur3Th1sSh1t/My-starred-Repositories
- https://github.com/SYRTI/POC_to_review
- https://github.com/SexyBeast233/SecBooks
- https://github.com/SouthWind0/southwind0.github.io
- https://github.com/Tas9er/CVE-2021-22986
- https://github.com/Threekiii/Awesome-POC
- https://github.com/TrojanAZhen/Self_Back
- https://github.com/Udyz/CVE-2021-22986-SSRF2RCE
- https://github.com/WhooAmii/POC_to_review
- https://github.com/WingsSec/Meppo
- https://github.com/XiaomingX/awesome-poc-for-red-team
- https://github.com/Yang0615777/PocList
- https://github.com/Z0fhack/Goby_POC
- https://github.com/ZephrFish/CVE-2021-22986_Check
- https://github.com/amitlttwo/CVE-2021-22986
- https://github.com/apachecn-archive/Middleware-Vulnerability-detection
- https://github.com/bfengj/CTF
- https://github.com/bhassani/Recent-CVE
- https://github.com/bigblackhat/oFx
- https://github.com/bytecaps/CVE-2022-1388-EXP
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/doocop/CVE-2022-1388-EXP
- https://github.com/dorkerdevil/CVE-2021-22986-Poc
- https://github.com/dotslashed/CVE-2021-22986
- https://github.com/gmatuz/inthewilddb
- https://github.com/hktalent/bug-bounty
- https://github.com/huike007/penetration_poc
- https://github.com/huisetiankong478/penetration_poc
- https://github.com/huydung26/CVE-2021-22986
- https://github.com/jsongmax/F5-BIG-IP-TOOLS
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/kaotickj/Red-Team-Manual
- https://github.com/kiri-48/CVE-2021-22986
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection
- https://github.com/luck-ying/Library-POC
- https://github.com/manas3c/CVE-POC
- https://github.com/megabyte-b/Project-Ares
- https://github.com/merlinepedra/AttackWebFrameworkTools-5.0
- https://github.com/merlinepedra25/AttackWebFrameworkTools-5.0
- https://github.com/microvorld/CVE-2021-22986
- https://github.com/moodykeke/yangzifun
- https://github.com/n1sh1th/CVE-POC
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/openx-org/BLEN
- https://github.com/papa-anniekey/CustomSignatures
- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main
- https://github.com/peiqiF4ck/WebFrameworkTools-5.5
- https://github.com/peiqiF4ck/WebFrameworkTools-5.5-enhance
- https://github.com/pen4uin/awesome-vulnerability-research
- https://github.com/pen4uin/vulnerability-research
- https://github.com/pen4uin/vulnerability-research-list
- https://github.com/phil-fly/poc
- https://github.com/plzheheplztrying/cve_monitor
- https://github.com/r0eXpeR/supplier
- https://github.com/s-ribeiro/Modsecurity-Rules
- https://github.com/safesword/F5_RCE
- https://github.com/saucer-man/exploit
- https://github.com/shanyuhe/YesPoc
- https://github.com/shengshengli/AttackWebFrameworkTools-5.0
- https://github.com/soosmile/POC
- https://github.com/sudhantechie/Vacvssx
- https://github.com/superfish9/pt
- https://github.com/takeboy/https-github.com-taomujian-linbing
- https://github.com/taomujian/linbing
- https://github.com/trhacknon/Pocingit
- https://github.com/triw0lf/Security-Matters-22
- https://github.com/tzwlhack/Vulnerability
- https://github.com/west9b/F5-BIG-IP-POC
- https://github.com/whoforget/CVE-POC
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/xanszZZ/pocsuite3-poc
- https://github.com/xinyisleep/pocscan
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/yaunsky/CVE-202122986-EXP
- https://github.com/yhy0/ExpDemo-JavaFX
- https://github.com/youwizard/CVE-POC
- https://github.com/zecool/cve
- https://github.com/zmylml/yangzifun
Reference in New Issue View Git Blame Copy Permalink