CVE-2022-1388 Archives

Millions of Devices May Be Affected, and Yeskit Botnet Family Spreads on a Massive Scale by Exploiting F5 BIG-IP Vulnerability

By Jie JiPosted June 2, 2022

Background On May 4, 2022, F5 issued a security bulletin regarding a remote code execution vulnerability in iControlREST component of BIG-IP products. The CVE number of the vulnerability is CVE-2022-1388. The vulnerability can bypass authentication and remotely execute arbitrary code with a vulnerability score of CVSS up to 9.8....

F5 BIG-IP iControl REST Authentication Bypass Vulnerability (CVE-2022-1388) Alert

By Jie JiPosted May 11, 2022

Overview Recently, NSFOCUS CERT detected that F5 issued a security bulletin to fix an authentication bypass vulnerability in BIG-IP. Unauthenticated attackers can use the control interface to exploit, through the BIG-IP management interface or its own IP address. Network access to the iControl REST interface to execute arbitrary system commands,...

Tag: CVE-2022-1388

Millions of Devices May Be Affected, and Yeskit Botnet Family Spreads on a Massive Scale by Exploiting F5 BIG-IP Vulnerability

F5 BIG-IP iControl REST Authentication Bypass Vulnerability (CVE-2022-1388) Alert

CLOUD-DELIVERED SERVICES

PRODUCTS

SOLUTIONS

SUPPORT & SERVICES

RESOURCES

NEWS AND EVENTS

COMPANY