4 matches found
PT-2020-05: Cross-site scripting (XSS) in F5 Traffic Management User Interface (TMUI)
The vulnerability allows remote attackers to execute malicious JavaScript code in the context of the current user. If the logged-on user has administrative rights and Advanced Shell bash access, an attacker who successfully exploited the vulnerability could fully compromise the BIG-IP system...
PT-2020-04: Arbitrary code execution in F5 Traffic Management User Interface (TMUI)
The vulnerability allows unauthorized remote attackers to execute malicious code on the system, obtain sensitive information, or hijack traffic, as well as use the server with the Traffic Management User Interface TMUI for attacks on other internal resources of the target organization. Advisory...
Citrix Application Delivery Controller (ADC) and Gateway 13.0 - Path Traversal
Exploit Title: Citrix Application Delivery Controller ADC and Gateway 13.0 - Path Traversal Date: 2019-12-17 CVE: CVE-2019-19781 Vulenrability: Path Traversal Vulnerablity Discovery: Mikhail Klyuchnikov Exploit Author: Dhiraj Mishra Vulnerable Version: 10.5, 11.1, 12.0, 12.1, and 13.0 Vendor...
PT-2020-09: Path Traversal vulnerability in Cisco ASA and Cisco FTD
A vulnerability in Cisco ASA and Cisco FTD allows attackers to read some WebVPN-related files, which may contain sensitive information like WebVPN configuration data of Cisco ASA users, bookmarks, cookies, web content, and HTTP URLs. Advisory status: February 13, 2020 - Vendor notification date...