F5 BIG-IP iControl REST Panel (#4303)

* CVE-2022-1388 / BIG-IP iControl REST vulnerability

* Update CVE-2022-1388.yml

Validate with status code
status:
          - 401

* renamed template

Co-authored-by: sandeep <sandeep@projectdiscovery.io>

exposed-panels/bigip-rest-panel.yaml

@@ -0,0 +1,31 @@
+id: bigip-icontrol-rest
+
+info:
+  name: F5 BIG-IP iControl REST Panel
+  author: MrCl0wnLab
+  severity: info
+  description: |
+   Undisclosed requests may bypass iControl REST authentication.
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-1388
+    - https://support.f5.com/csp/article/K23605346
+    - https://clouddocs.f5.com/products/big-iq/mgmt-api/v5.4/ApiReferences/bigiq_api_ref/r_auth_login.html
+  metadata:
+    shodan-query: http.title:"BIG-IP®-+Redirect" +"Server"
+  tags: panel,bigip,f5
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/mgmt/shared/authn/login"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "resterrorresponse"
+
+      - type: status
+        status:
+          - 401