logo
DATABASE RESOURCES PRICING ABOUT US

F5 Networks BIG-IP : TMUI RCE (CVE-2020-5902) (Direct Check)

Description

A remote code execution vulnerability exists in Traffic Management User Interface (TMUI), also referred to as the Configuration utility. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary system commands, create or delete files, disable services, and/or execute arbitrary Java code. Note: An initial mitigation for this vulnerability was released by the vendor, which can be bypassed. This plugin also tests for the bypass of that initial mitigation.


Related