Lucene search
K

51 matches found

GithubExploit
GithubExploit
added 2026/03/13 2:17 p.m.184 views

Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager

F5 BIG-IP TMUI Remote Code Execution Vulnerability CVE-2020-5...

10CVSS6.8AI score0.99999EPSS
Exploits60
Packet Storm
Packet Storm
added 2026/03/09 12:0 a.m.176 views

📄 F5 BIG-IP TMUI Unauthenticated Remote Code Execution

This Metasploit module exploits a directory traversal vulnerability in the F5 BIG-IP TMUI interface that allows unauthenticated attackers to execute arbitrary system commands via tmshCmd.jsp...

10CVSS6AI score0.99999EPSS
Exploits60
RedhatCVE
RedhatCVE
added 2025/05/22 5:41 p.m.12 views

CVE-2020-5902

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface TMUI, also referred to as the Configuration utility, has a Remote Code Execution RCE vulnerability in undisclosed pages...

10CVSS7.9AI score0.99999EPSS
Exploits60References1
Hacker One
Hacker One
added 2024/10/21 12:22 p.m.34 views

AWS VDP: CVE-2020-5902

CVE ID: CVE-2020-5902 Description: Affected Product: F5 BIG-IP Traffic Management User Interface TMUI Severity: Critical CVSS Score: 9.8 Description: Remote Code Execution RCE vulnerability in undisclosed pages of the TMUI CVE-2020-5902 is a critical vulnerability affecting the BIG-IP Traffic...

10CVSS8.4AI score0.99999EPSS
Exploits60
Packet Storm
Packet Storm
added 2023/11/14 12:0 a.m.598 views

F5 BIG-IP TMUI Directory Traversal / File Upload / Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'F5 BIG-IP TMUI Directory Traversal and File Upload RCE', 'Description' = %q This module exploits a directory traversal in F5's BIG-IP Traffic...

10CVSS7.3AI score0.99999EPSS
Exploits60
F5 Networks
F5 Networks
added 2023/02/21 6:53 p.m.138 views

K52145254: TMUI RCE vulnerability CVE-2020-5902

Security Advisory Description The Traffic Management User Interface TMUI, also referred to as the Configuration utility, has a Remote Code Execution RCE vulnerability in undisclosed pages. CVE-2020-5902 Impact This vulnerability allows for unauthenticated attackers, or authenticated users, with...

10CVSS9.2AI score0.99999EPSS
Exploits60Affected Software15
Information Security Automation
Information Security Automation
added 2022/10/21 8:10 p.m.160 views

Joint Advisory AA22-279A and Vulristics

Hello everyone! This episode will be about the new hot twenty vulnerabilities from CISA, NSA and FBI, Joint cybersecurity advisory CSA AA22-279A, and how I analyzed these vulnerabilities using my open source project Vulristics. Alternative video link for Russia: Americans cant just release a list...

10CVSS1.1AI score0.99999EPSS
Exploits967
The Hacker News
The Hacker News
added 2022/07/21 12:2 p.m.84 views

Hackers Target Ukrainian Software Company Using GoMet Backdoor

A large software development company whose software is used by different state entities in Ukraine was at the receiving end of an "uncommon" piece of malware, new research has found. The malware, first observed on the morning of May 19, 2022, is a custom variant of the open source backdoor known ...

10CVSS1.5AI score0.99999EPSS
Exploits69
Talos Blog
Talos Blog
added 2022/07/21 12:0 p.m.377 views

Attackers target Ukraine using GoMet backdoor

Executive summary Since the Russian invasion of Ukraine began, Ukrainians have been under a nearly constant barrage of cyber attacks. Working jointly with Ukrainian organizations, Cisco Talos has discovered a fairly uncommon piece of malware targeting Ukraine — this time aimed at a large software...

10CVSS0.4AI score0.99999EPSS
Exploits69
Hacker One
Hacker One
added 2022/03/23 1:50 p.m.281 views

8x8: F5 BIG-IP TMUI RCE - CVE-2020-5902 (██.packet8.net)

@remonsec reported to us a vulnerability in F5 BIG-IP's Traffic Management User Interface TMUI, which exploited, could have led to RCE in undisclosed pages: CVE-2020-5902 We swiftly applied the fix to the F5 BIG-IP & restricted access further, which resolved the issue...

10CVSS1.8AI score0.99999EPSS
Exploits60
The Hacker News
The Hacker News
added 2021/06/11 7:1 a.m.295 views

New Cyber Espionage Group Targeting Ministries of Foreign Affairs

Cybersecurity researchers on Thursday took the wraps off a new cyber espionage group that has been behind a series of targeted attacks against diplomatic entities and telecommunication companies in Africa and the Middle East since at least 2017. Dubbed "BackdoorDiplomacy," the campaign involves...

10CVSS0.8AI score0.99999EPSS
Exploits60
GithubExploit
GithubExploit
added 2021/04/13 6:48 a.m.96 views

Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager

CVE-2020-5902 Auto exploit...

10CVSS8AI score0.99999EPSS
Exploits60
GithubExploit
GithubExploit
added 2020/08/25 2:7 a.m.155 views

Exploit for Cross-site Scripting in F5 Big-Ip_Access_Policy_Manager

CVE-2020-5902 RCE /tmui/login.jsp/..;/tmui/locallb/workspac...

10CVSS8.4AI score0.99999EPSS
Exploits60
GithubExploit
GithubExploit
added 2020/08/09 11:46 a.m.143 views

Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager

CVE-2020-5902-Scanner Automated F5 Big IP Remote Code Executio...

10CVSS8.2AI score0.99999EPSS
Exploits60
Trend Micro Simply Security
Trend Micro Simply Security
added 2020/07/31 12:30 p.m.166 views

This Week in Security News: Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902 and Vermont Taxpayers Warned of Data Leak Over the Past Three Years

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about how Trend Micro found an IoT Mirai botnet downloader that can be added to new malware variants to scan for exposed Big-IP boxes f...

10CVSS10AI score0.99999EPSS
Exploits60
GithubExploit
GithubExploit
added 2020/07/28 12:43 a.m.82 views

Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager

CVE-2020-5902 F5 BIG-IP devices Summary: A Zeek detec...

10CVSS8.1AI score0.99999EPSS
Exploits60
0day.today
0day.today
added 2020/07/27 12:0 a.m.524 views

F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion Vulnerability

Exploit for hardware platform in category web applications Exploit Title: F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion Exploit Author: Carlos E. Vieira Vendor Homepage: https://www.f5.com/products/big-ip-services Version: 0: return True else: return False else: return False def leakPasswd:...

10CVSS0.2AI score0.99999EPSS
Exploits60
Packet Storm
Packet Storm
added 2020/07/27 12:0 a.m.614 views

F5 Big-IP 13.1.3 Build 0.0.6 Local File Inclusion

Exploit Title: F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion Date: 2019-08-17 Exploit Author: Carlos E. Vieira Vendor Homepage: https://www.f5.com/products/big-ip-services Version: 0: return True else: return False else: return False def leakPasswd: print"+ Leaking /etc/passwd from server"...

10CVSS10AI score0.99999EPSS
Exploits60
Exploit DB
Exploit DB
added 2020/07/26 12:0 a.m.619 views

F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion

Exploit Title: F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion Date: 2019-08-17 Exploit Author: Carlos E. Vieira Vendor Homepage: https://www.f5.com/products/big-ip-services Version: 0: return True else: return False else: return False def leakPasswd: print"+ Leaking /etc/passwd from server"...

10CVSS10AI score0.99999EPSS
Exploits60
ICS
ICS
added 2020/07/24 12:0 p.m.84 views

Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902

Summary The Cybersecurity and Infrastructure Security Agency CISA is issuing this alert in response to recently disclosed exploits that target F5 BIG-IP devices that are vulnerable to CVE-2020-5902. F5 Networks, Inc. F5 released a patch for CVE-2020-5902 on June 30, 2020.1 Unpatched F5 BIG-IP...

10CVSS10AI score0.99999EPSS
Exploits60References22
Rows per page
Query Builder