Platform updates

[New scanner] Detect vulnerable F5 BIG-IP devices with

Updated at
Article tags

Vulnerability scanners are powerful pentesting tools that help you discover critical flaws in your systems quickly and effectively. The more specific the tools, the more useful!

To assess the security of your devices and see if they are exposed to the F5 BIG-IP critical vulnerability (CVE-2020-5902), we’ve launched a dedicated scanner you can try for free: the BIG-IP Vulnerability Scanner.

The high-severity vulnerability affects multiple F5 products that use the Traffic Management User Interface (TMUI) interface. It allows an unauthenticated attacker to execute remote commands as root on vulnerable devices.

Use the scanner for free

Here’s what data the BIG-IP Vulnerability Scanner sample report includes:

BIG-IP Vulnerability Scanner sample report

To better understand how CVE-2020-5902 is exploited, read our in-depth blog article, which includes a video demo and detailed steps to help you build a Proof of Concept with TMUI modules.

Use our new tool to scan your infrastructure fast and with minimal setup. Detect the TMUI RCE quickly and get a full report of the vulnerability, including description, evidence, risk, and recommendations for fixing it.

Scan your F5 BIG-IP device

Get fresh security research

In your inbox. (No fluff. Actionable stuff only.)

I can see your vulns image

Related articles

Suggested articles

Discover our ethical hacking toolkit and all the free tools you can use!

Create free account


© 2013-2024 has a LinkedIn account it's very active on

Join over 45,000 security specialists to discuss career challenges, get pentesting guides and tips, and learn from your peers. Follow us on LinkedIn! has a YouTube account where you can find tutorials and useful videos

Expert pentesters share their best tips on our Youtube channel. Subscribe to get practical penetration testing tutorials and demos to build your own PoCs!

G2 award badge recognized as a Leader in G2’s Spring 2023 Grid® Report for Penetration Testing Software. Discover why security and IT pros worldwide use the platform to streamline their penetration and security testing workflow.

OWASP logo is a Corporate Member of OWASP (The Open Web Application Security Project). We share their mission to use, strengthen, and advocate for secure coding standards into every piece of software we develop.