HomePentest-Tools.com Logo

F5 BIG-IP - Remote Code Execution (CVE-2020-5902)

Severity
CVSSv3 Score
9.8
Exploitable with Sniper
Yes
Vulnerability description

F5 BIG-IP server is affected by a Remote Code Execution vulnerability, located in the Traffic Management User Interface (TMUI) component, which is publicly accessible. The root cause of this vulnerability consists in a broken parser logic in the Tomcat endpoint. This allows an unauthenticated malicious attacker to access any file stored on the server or to execute arbitrary commands on the server.

Exploit capabilities

Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.

Risk description

The risk exists that a remote unauthenticated attacker can fully compromise the F5 BIG-IP server in order to steal confidential information, install ransomware or pivot to the internal network.

Recommendation

Upgrade F5 BIG-IP server to the latest version or to a non-vulnerable version listed in K52145254.

Detectable with
Network Scanner
Vuln date
Jun 2020
Published at
Updated at
Software Type
VPN gateway
Vendor
F5
Product
BIG IP
Codename
Not available