CVE-2022-1388


Basic Information

CVE State: PUBLISHED
Reserved Date: April 19, 2022
Published Date: May 05, 2022
Last Updated: January 29, 2025
Vendor: F5
Product: BIG-IP
Description: On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVSS Scores

CVSS v3.1

9.8 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2022-05-10 00:00:00 UTC)
Proof of Concept Available: Yes (added 2022-12-06 16:59:56 UTC)
Used in Malware: Yes (added 2022-05-10 00:00:00 UTC)

Known Exploited Vulnerability Information

Source: CISA • Added Date: 2022-05-10 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

f5_icontrol_rce

Type: metasploit • Created: Unknown

Metasploit module for CVE-2022-1388

gotr00t0day/CVE-2022-1388

Type: github • Created: 2024-04-30 01:10:05 UTC • Stars: 5

A remote code execution vulnerability exists in the iControl REST API feature of F5's BIG-IP product. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands with root privileges.

nvk0x/CVE-2022-1388-exploit

Type: github • Created: 2024-01-03 12:28:06 UTC • Stars: 2

exploit poc

vaelwolf/CVE-2022-1388

Type: github • Created: 2022-12-24 03:59:24 UTC • Stars: 7

-- FOR EDUCATIONAL USE ONLY -- Proof-of-Concept RCE for CVE-2022-1388, plus some added functionality for blue and red teams

devengpk/CVE-2022-1388

Type: github • Created: 2022-12-21 16:11:48 UTC • Stars: 2

amitlttwo/CVE-2022-1388

Type: github • Created: 2022-12-06 16:59:56 UTC • Stars: 1

revanmalang/CVE-2022-1388

Type: github • Created: 2022-11-30 04:06:56 UTC • Stars: 3

forktheplanet/CVE-2022-1388

Type: github • Created: 2022-10-25 12:29:54 UTC • Stars: 2

cURL one-liner to test for CVE-2022-1388 BIG-IP iControl REST RCE

li8u99/CVE-2022-1388

Type: github • Created: 2022-06-21 03:09:26 UTC • Stars: 0

CVE-2022-1388 | F5 - Big IP Pre Auth RCE via '/mgmt/tm/util/bash' endpoint

Chocapikk/CVE-2022-1388

Type: github • Created: 2022-06-20 01:58:40 UTC • Stars: 1

CVE-2022-1388 | F5 - Big IP Pre Auth RCE via '/mgmt/tm/util/bash' endpoint

aancw/CVE-2022-1388-rs

Type: github • Created: 2022-05-17 10:51:39 UTC • Stars: 3

CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE written in Rust

PsychoSec2/CVE-2022-1388-POC

Type: github • Created: 2022-05-15 03:58:21 UTC • Stars: 14

An Improved Proof of Concept for CVE-2022-1388 w/ an Interactive Shell

justakazh/CVE-2022-1388

Type: github • Created: 2022-05-13 10:18:29 UTC • Stars: 14

Tool for CVE-2022-1388

Zeyad-Azima/CVE-2022-1388

Type: github • Created: 2022-05-12 16:54:52 UTC • Stars: 13

F5 BIG-IP iControl REST vulnerability RCE exploit with Java including a testing LAB

pauloink/CVE-2022-1388

Type: github • Created: 2022-05-11 21:55:43 UTC • Stars: 0

EvilLizard666/CVE-2022-1388

Type: github • Created: 2022-05-11 19:33:37 UTC • Stars: 2

CVE-2022-1388 Scanner

AmirHoseinTangsiriNET/CVE-2022-1388-Scanner

Type: github • Created: 2022-05-11 17:43:44 UTC • Stars: 5

0x7eTeam/CVE-2022-1388-PocExp

Type: github • Created: 2022-05-10 15:44:50 UTC • Stars: 5

CVE-2022-1388-PocExp, added multithreading, F5 BIG-IP RCE exploitation

thatonesecguy/CVE-2022-1388-Exploit

Type: github • Created: 2022-05-10 15:16:12 UTC • Stars: 1

Test and Exploit Scripts for CVE 2022-1388 (F5 Big-IP)

Angus-Team/F5-BIG-IP-RCE-CVE-2022-1388

Type: github • Created: 2022-05-10 05:30:11 UTC • Stars: 5

qusaialhaddad/F5-BigIP-CVE-2022-1388

Type: github • Created: 2022-05-10 04:44:05 UTC • Stars: 8

Reverse Shell for CVE-2022-1388

Stonzyy/Exploit-F5-CVE-2022-1388

Type: github • Created: 2022-05-10 02:57:31 UTC • Stars: 5

PoC For F5 BIG-IP - bash script Exploit one Liner

superzerosec/CVE-2022-1388

Type: github • Created: 2022-05-09 15:42:55 UTC • Stars: 2

CVE-2022-1388 POC exploit

saucer-man/CVE-2022-1388

Type: github • Created: 2022-05-09 15:24:27 UTC • Stars: 2

CVE-2022-1388

savior-only/CVE-2022-1388

Type: github • Created: 2022-05-09 14:37:04 UTC • Stars: 2

CVE-2022-1388 F5 BIG-IP iControl REST authentication bypass vulnerability

Henry4E36/CVE-2022-1388

Type: github • Created: 2022-05-09 14:02:34 UTC • Stars: 8

F5 BIG-IP iControl REST authentication bypass vulnerability

Al1ex/CVE-2022-1388

Type: github • Created: 2022-05-09 14:01:38 UTC • Stars: 36

CVE-2022-1388 F5 BIG-IP iControl REST RCE

horizon3ai/CVE-2022-1388

Type: github • Created: 2022-05-09 11:46:45 UTC • Stars: 232

POC for CVE-2022-1388

ZephrFish/F5-CVE-2022-1388-Exploit

Type: github • Created: 2022-05-09 11:30:09 UTC • Stars: 58

Exploit and Check Script for CVE 2022-1388

Vulnmachines/F5-Big-IP-CVE-2022-1388

Type: github • Created: 2022-05-09 10:46:19 UTC • Stars: 6

CVE-2022-1388 F5 Big IP unauth remote code execution

alt3kx/CVE-2022-1388_PoC

Type: github • Created: 2022-05-09 10:34:38 UTC • Stars: 88

F5 BIG-IP RCE exploitation (CVE-2022-1388)

0xf4n9x/CVE-2022-1388

Type: github • Created: 2022-05-09 10:22:31 UTC • Stars: 85

CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE

yukar1z0e/CVE-2022-1388

Type: github • Created: 2022-05-09 10:06:11 UTC • Stars: 1

batch scan CVE-2022-1388

sherlocksecurity/CVE-2022-1388-Exploit-POC

Type: github • Created: 2022-05-09 07:39:55 UTC • Stars: 58

PoC for CVE-2022-1388_F5_BIG-IP

blind-intruder/CVE-2022-1388-RCE-checker-and-POC-Exploit

Type: github • Created: 2022-05-08 09:28:19 UTC • Stars: 7

doocop/CVE-2022-1388-EXP

Type: github • Created: 2022-05-07 17:54:08 UTC • Stars: 93

CVE-2022-1388 F5 BIG-IP RCE batch detection

MrCl0wnLab/Nuclei-Template-CVE-2022-1388-BIG-IP-iControl-REST-Exposed

Type: github • Created: 2022-05-06 06:22:47 UTC • Stars: 24

This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only.

jheeree/CVE-2022-1388-checker

Type: github • Created: 2022-05-05 15:25:53 UTC • Stars: 25

Simple script written in bash for checking multiple hosts for CVE-2022-1388 (F5)

numanturle/CVE-2022-1388

Type: github • Created: 2022-05-05 10:35:35 UTC • Stars: 53

K23605346: BIG-IP iControl REST vulnerability CVE-2022-1388