An SQL injection vulnerability in F5 BIG-IP Next Central Manager may allow unauthenticated remote attackers to bypass authentication in the target application. The vulnerability is reached via the /api/login endpoint. This module will use the vulnerability to retrieve the administrative user password hash.
CVE Link
Exploit Platform
Product Name