CVE-2020-5902 PoC — F5 BIG-IP Path Traversal Vulnerability

Source
Associated Vulnerability
Title: F5 BIG-IP Path Traversal Vulnerability (CVE-2020-5902)
Description: In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.
Description
Simple vulnerability checker written by me, "@TheCyberViking", and a fellow researcher who wanted to be left nameless... you know who you are, you beautiful bitch
Readme
# CVE-2020-5902 Vulnerability Checker

![N|Solid](https://zdnet1.cbsistatic.com/hub/i/2020/07/03/b6c96e0e-7da9-461a-adff-d6009723189a/f5-networks.jpg)

While looking at the vulnerability with fellow researchers, we came to the idea that most of the current ways to test for the vulnerability can be classed as a form of compromise of the system. We wanted to develop a way to test for the vulnerability that does not compromise the system being scanned.

For this we wrote this small Python tool. It does a GET request to the login for the system; this shows that the system is available and viewable and could be open to compromise from an attacker, and in turn does not compromise any system information or client data.

## What is F5 BIG-IP
The F5 BIG-IP DNS uses topology-based load balancing to inspect a user's IP and determine the most efficient data center. The term load balancing can also refer to file servers, when file protocol requests are distributed across file servers to overcome the capacity, bandwidth, or CPU limitations of any single system.

That one singular quote should give you an idea VERY quickly why this is a critical vulnerability, especially when mixed with the simplicity of the attack seen below.

## CVE-2020-5902
This is a critical CVSS 10.0 vulnerability discovered in F5 BIG-IP systems, in versions 5.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1. To exploit it, the attacker needs to send a specifically crafted HTTP request to the server hosting the Traffic Management User Interface (TMUI) utility for BIG-IP configuration.

More information on the vulnerability can be found from F5 support here: https://support.f5.com/csp/article/K52145254

## Exploitation
The exploitation is straightforward, simplistic and currently very public, using a simple GET request or a curl command that can be done by any skid with an up-to-date Windows command prompt:

## Acknowledgement
This tool was written by me, CyberViking, and a fellow researcher who wanted to remain nameless, you know who you are, you beautiful bitch.

If you have any suggestions, hit me up [@TheCyberViking](https://twitter.com/TheCyberViking)
File Snapshot

[4.0K] /data/pocs/9ebc2730b8299274f18bbce1d2518ce8c0f43b69
├── [ 932] F5pocscan.py
├── [1.0K] LICENSE
└── [2.2K] README.md

0 directories, 3 files