CVE-2020-5902

CVSS 9.8 CRITICAL · EPSS 100.0% · KEV · CWE-22
Summary

A critical flaw in the web management interface of F5 BIG-IP allows attackers to execute arbitrary code on affected systems without needing credentials. This vulnerability completely compromises the device.

Technical detail

CVE-2020-5902 is a pre-authentication RCE vulnerability in the BIG-IP TMUI affecting versions 11.6.1–15.1.0.3, exploitable via undisclosed pages with a remote, network-based attack vector. It allows arbitrary code execution without authentication, with a CVSS score of 9.8, resulting in total compromise of the system.

Summary generated and translated by AI from the official description.
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · BIG-IP
Public PoCs found: 64
github: github.com/jas502n/CVE-2020-5902 (374)
github: github.com/yassineaboukir/CVE-2020-5902 (71)
github: github.com/theLSA/f5-bigip-rce-cve-2020-5902 (62)
github: github.com/aqhmal/CVE-2020-5902-Scanner (55)
github: github.com/yasserjanah/CVE-2020-5902 (43)
github: github.com/dunderhay/CVE-2020-5902 (36)
github: github.com/f5devcentral/cve-2020-5902-ioc-bigip-checker (17)
github: github.com/zhzyker/CVE-2020-5902 (13)
github: github.com/ar0dd/CVE-2020-5902 (12)
github: github.com/PushpenderIndia/CVE-2020-5902-Scanner (12)
github: github.com/Al1ex/CVE-2020-5902 (10)
github: github.com/lijiaxing1997/CVE-2020-5902-POC-EXP (10)
github: github.com/west9b/F5-BIG-IP-POC (10)
github: github.com/dwisiswant0/CVE-2020-5902 (9)
github: github.com/nsflabs/CVE-2020-5902 (8)
github: github.com/rwincey/CVE-2020-5902-NSE (8)
github: github.com/rockmelodies/CVE-2020-5902-rce-gui (8)
github: github.com/sv3nbeast/CVE-2020-5902_RCE (8)
github: github.com/GovindPalakkal/EvilRip (6)
github: github.com/MrCl0wnLab/checker-CVE-2020-5902 (5)
github: github.com/corelight/CVE-2020-5902-F5BigIP (4)
github: github.com/jiansiting/CVE-2020-5902 (4)
github: github.com/d4rk007/F5-Big-IP-CVE-2020-5902-mass-exploiter (4)
github: github.com/34zY/APT-Backpack (3)
github: github.com/r0ttenbeef/cve-2020-5902 (2)
github: github.com/cybersecurityworks553/scanner-CVE-2020-5902 (2)
github: github.com/DeepSecurity-Pe/GoF5-CVE-2020-5902 (2)
github: github.com/qiong-qi/CVE-2020-5902-POC (2)
github: github.com/murataydemir/CVE-2020-5902 (2)
github: github.com/faisalfs10x/F5-BIG-IP-CVE-2020-5902-shodan-scanner (2)
github: github.com/z3n70/CVE-2020-5902 (2)
github: github.com/renanhsilva/checkvulnCVE20205902 (1)
github: github.com/qlkwej/poc-CVE-2020-5902 (1)
github: github.com/halencarjunior/f5scan (1)
github: github.com/haisenberg/CVE-2020-5902 (1)
github: github.com/amitlttwo/CVE-2020-5902 (1)
github: github.com/Shu1L/CVE-2020-5902-fofa-scan (1)
github: github.com/JSec1337/RCE-CVE-2020-5902 (1)
github: github.com/0xAbdullah/CVE-2020-5902 (1)
github: github.com/jinnywc/CVE-2020-5902 (1)
github: github.com/Zinkuth/F5-BIG-IP-CVE-2020-5902 (1)
github: github.com/ajdumanhug/CVE-2020-5902 (0)
github: github.com/dnerzker/CVE-2020-5902 (0)
github: github.com/TheCyberViking/CVE-2020-5902-Vuln-Checker (0)
github: github.com/0xBlackash/CVE-2020-5902 (0)
github: github.com/flyopenair/CVE-2020-5902 (0)
github: github.com/freeFV/CVE-2020-5902-fofa-scan (0)
github: github.com/momika233/cve-2020-5902 (0)
github: github.com/superzerosec/cve-2020-5902 (0)
github: github.com/ludy-dev/BIG-IP-F5-TMUI-RCE-Vulnerability (0)
github: github.com/Any3ite/CVE-2020-5902-F5BIG (0)
github: github.com/k3nundrum/CVE-2020-5902 (0)
github: github.com/inho28/CVE-2020-5902-F5-BIGIP (0)
github: github.com/cristiano-corrado/f5_scanner (0)
github: github.com/GoodiesHQ/F5-Patch (0)
cve_reference: packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html (unverified)
cve_reference: packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html (unverified)
cve_reference: packetstormsecurity.com/files/175671/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html (unverified)
cve_reference: packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html (unverified)
cve_reference: packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html (unverified)
exploitdb: www.exploit-db.com/exploits/48711 (unverified)
exploitdb: www.exploit-db.com/exploits/48643 (unverified)
cve_reference: packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html (unverified)
exploitdb: www.exploit-db.com/exploits/48642 (unverified)
⚠ Public resources, provided so you can assess the exposure of systems you control or are authorised to test. Test only with authorisation.
