Web: https://packetstormsecurity.com/files/170008/f5_icontrol_rpmspec_rce_cve_2022_41800.rb.txt

Nov. 24, 2022, 2:13 p.m. |

Packet Storm packetstormsecurity.com

This Metasploit module exploits a newline injection into an RPM .rpmspec file that permits authenticated users to remotely execute commands. Successful exploitation results in remote code execution as the root user.

big big-ip command execution icontrol remote

Cyber Transformation Consultant - Energy & Utilities

@ PA Consulting | London, United Kingdom

Security Operations Lead

@ Vattenfall | Amsterdam, Netherlands

Technology - Energy and Natural Resources sector, Security Strategy & Governance, Cyber Defence, Identity & Access

@ KPMG Australia | Sydney, Australia

DevSecOps Manager

@ Nexient | United States

IT Security Manager (REF194D)

@ Deutsche Telekom IT Solutions | Budapest, Debrecen, Pécs, Szeged, Hungary

Security GRC Consultant

@ Devoteam | Zaventem, Belgium

Information Security & Data Privacy Specialist

@ SirionLabs | Gurugram, Haryana, India

Junior Security Engineer

@ Eurofins | Barcelona, Spain

Senior Application Security Engineer [Remote - UK]

@ Confluent, Inc. | Remote, England

Threat Analysis Security Engineer

@ MANGOPAY | Paris, France

Sr. Professional Services Consultant II

@ Palo Alto Networks | Denver, CO, United States

Senior Offensive Security Engineer

@ MANGOPAY | Paris, France