POC详情: afe86b6cb8118be5540a5449bedc2a055b99c406

来源
https://github.com/mbadanoiu/CVE-2025-31644
关联漏洞
标题: F5 iControl REST和F5 BIG-IP TMOS Shell 命令注入漏洞 (CVE-2025-31644)
描述:F5 iControl REST和F5 BIG-IP TMOS Shell都是美国F5公司的产品。F5 iControl REST是一个开发框架。F5 BIG-IP TMOS Shell是一个命令行。 F5 iControl REST和F5 BIG-IP TMOS Shell存在命令注入漏洞,该漏洞源于命令注入,可能导致执行任意系统命令。
描述
CVE-2025-31644: Command Injection in Appliance mode in F5 BIG-IP
介绍
# CVE-2025-31644: Command Injection in Appliance mode in F5 BIG-IP

The “file” parameter of the “save” command is vulnerable to a command injection attack, allowing an authenticated attacker with administrator privileges to the “/mgmt” web API or the SSH “tmsh” shell, to obtain remote code execution as the “root” user on the target system.

**Note:** This finding is only considered a vulnerability when BIG-IP is run in Appliance mode as this may allow an authenticated attacker with administrator role to bypass the Appliance mode security that would otherwise prevent the execution of arbitrary Advanced Shell (bash) commands.

### Vendor Disclosure:

The vendor's disclosure and fix for this vulnerability can be found [here](https://my.f5.com/manage/s/article/K000148591).

### Requirements:

This vulnerability requires:
<br/>
- Valid user credentials
- The capability to send requests to the iControl REST component and/or the capability to execute tmsh commands

### Proof Of Concept:

More details and the exploitation process can be found in this [PDF](https://github.com/mbadanoiu/CVE-2025-31644/blob/main/F5%20-%20CVE-2025-31644.pdf).
文件快照

 [4.0K]  /data/pocs/afe86b6cb8118be5540a5449bedc2a055b99c406
├── [375K]  F5 - CVE-2025-31644.pdf
└── [1.1K]  README.md

0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。