F5 Big IP CVE-2021-22986 RCE Exploit Being Added to Attack Frameworks

​*F5 Big IP CVE-2021-22986 RCE Exploit Being Added to Attack Frameworks* Sensors started seeing human momentum behind a framework meant to exploit public-facing applications (T1190). It looks like an RCE for CVE-2021-22986 was just added but we can’t confirm this by looking at the source, as just a precompiled binary is provided, and we have not tested the binary. None the less, this type of integration signals to widespread adoption and misuse of this exploit. Lastly, this framework claims to target the recent vCenter (CVE-2021-21972) exploit as well, which our sensors have registered heavy human momentum behind.
 
Anonymous-ghost/AttackWebFrameworkTools: https://github.com/Anonymous-ghost/AttackWebFrameworkTools
 
#infosec #cybersecurity #informationsecurity #threatintelligence #networksecurity #sec #security #tools #offensivesecurity #pentesting #redteam #blueteam