![]() ![]() ![]() Let’s talk about the context of the vulnerability. (Source: F5 iControl Whitepaper) What is CVE-2021-22986? ![]() The F5 iControl is a REST-based API that allows you to execute multiple actions for BIG-IP devices that you manage, such as changing the system configuration. So this guide is dedicated to how you can search for vulnerable hosts, how you can exploit the vulnerability, and the solution to mitigate it. We saw a lot of vulnerable and unpatched systems out in the wild, even if the security flaw was discovered around March 2021, so we couldn’t just stand on the sidelines.ĭiscovered around March 2021, CVE-2021-22986 still keeps the door open for attackers in many vulnerable systems in the wild. As a pentester, when you see a major critical vulnerability persist for months in unpatched systems (like Log4Shell), you have a responsibility to help others understand its severity and how they can fix it. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |