CVE-2020-5902 Scanner
Detects 'Remote Code Execution (RCE)' vulnerability in F5 BIG-IP affects v. 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1.
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
7 second
Time Interval
4 week
Scan only one
Url
Toolbox
-
The BIG-IP software is an application delivery controller that provides high availability, performance, and security to applications across a network. It is used by organizations to optimize the flow of traffic between servers, data centers, and cloud services. The BIG-IP software offers advanced features such as load balancing, SSL/TLS offloading, and application firewalling. It is a critical component for large-scale deployments and is widely adopted by enterprises.
The CVE-2020-5902 vulnerability detected in this product is a Remote Code Execution (RCE) flaw in the Traffic Management User Interface (TMUI) of BIG-IP versions 11.6.1-11.6.5.1, 12.1.0-12.1.5.1, 13.1.0-13.1.3.3, 14.1.0-14.1.2.5, and 15.0.0-15.1.0.3. The vulnerability allows an attacker to execute arbitrary code, steal sensitive data, or perform other malicious actions on the affected system. The vulnerability could lead to a full compromise of the system, and its exploitation is highly critical.
When exploited, the CVE-2020-5902 vulnerability could lead to devastating consequences, primarily because it allows an attacker to gain access to the entire system, including network resources and sensitive data. An attacker could steal user credentials, propagate malware, or disrupt the system's availability. In some cases, attackers could use the exploit to take control of the system and execute ransomware attacks, demanding payment for the release of encrypted data.
Thanks to the pro features of the s4e.io platform, readers of this article can easily and quickly learn about vulnerabilities in their digital assets. The platform provides real-time intelligence, alerts, and guidance on vulnerabilities and security threats that may affect digital assets. Its sophisticated threat detection and prevention features enable users to effectively manage and mitigate security risks in their systems. By using the s4e.io platform, organizations can strengthen their security posture and protect against serious threats such as the CVE-2020-5902 vulnerability.
REFERENCES
- https://support.f5.com/csp/article/K52145254
- http://packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html
- kb.cert.org: VU#290915
- https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/
- https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/
- http://packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html
- https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902
- http://packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html
- https://swarm.ptsecurity.com/rce-in-f5-big-ip/