
CVE-2020-5902 PoC — F5 BIG-IP Path Traversal Vulnerability

Source
Associated Vulnerability
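Title: F5 BIG-IP Path Traversal Vulnerability (CVE-2020-5902)
Description: F5 BIG-IP is an application delivery platform from the US company F5 that integrates network traffic management, application security management, load balancing and other functions. A path traversal vulnerability exists in F5 BIG-IP. An attacker can exploit it to execute arbitrary system commands, create or delete files, disable services, or execute arbitrary Java code, potentially compromising the system completely. The following products and versions are affected: F5 BIG-IP 15.1.0, 15.0.0, 14.1.0 through 14.1.2, 13.1.0 through 13.1.3, 12.1.0 through 12.1.5, and 11.6.1 through 11.6.5.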
Description
Simple vulnerability checker written by me, "@TheCyberViking", and a fellow researcher who wanted to be left nameless... you know who you are, you beautiful bitch
Readme
# CVE-2020-5902 Vulnerability Checker

![N|Solid](https://zdnet1.cbsistatic.com/hub/i/2020/07/03/b6c96e0e-7da9-461a-adff-d6009723189a/f5-networks.jpg)

While looking at the vulnerability with fellow researchers, we came to the idea that most of the current ways to test for the vulnerability can be classed as a form of compromise of the system. We wanted to develop a way to test for the vulnerability that does not compromise the system being scanned.

For this we wrote this small Python tool. It does a GET request to the login for the system; this shows that the system is available and viewable and could be open to compromise by an attacker, and in turn it does not compromise any system information or client data.
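A sketch of the login-page check described above, added here as an illustration; it is not the repository's `F5pocscan.py`. The login path `/tmui/login.jsp`, the marker strings and the verdict names are assumptions, since the README only says the tool requests "the login".

```python
"""Non-intrusive exposure check: is a BIG-IP TMUI login page reachable?"""
import ssl
import sys
import urllib.error
import urllib.request

# Assumption: TMUI serves its login page here; the README does not name the path.
LOGIN_PATH = "/tmui/login.jsp"
# Assumption: strings expected in a BIG-IP login page; adjust for your estate.
MARKERS = ("big-ip", "tmui")


def classify(status, body):
    """Map an HTTP status code and response body to an exposure verdict."""
    text = body.lower()
    if status == 200 and any(marker in text for marker in MARKERS):
        return "exposed"      # login page is served to this network position
    if status in (401, 403):
        return "restricted"   # something answers, but access is filtered
    return "not-tmui"         # a web server answered, but not with the TMUI login


def check_host(host, timeout=5.0):
    """GET the login page only; no traversal path or crafted request is sent."""
    ctx = ssl.create_default_context()
    # Management interfaces often use self-signed certificates. Verification is
    # disabled because only reachability is measured; nothing sensitive is sent.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    url = f"https://{host}{LOGIN_PATH}"
    try:
        with urllib.request.urlopen(url, timeout=timeout, context=ctx) as resp:
            body = resp.read(65536).decode("utf-8", "replace")
            return classify(resp.status, body)
    except urllib.error.HTTPError as exc:
        return classify(exc.code, "")
    except (urllib.error.URLError, OSError):
        return "unreachable"  # filtered, closed or not listening: the desired state


if __name__ == "__main__":
    # Usage: python check_tmui.py mgmt1.example.internal mgmt2.example.internal
    for target in sys.argv[1:]:
        print(f"{target}: {check_host(target)}")
```

An `exposed` verdict means the management interface is reachable from where the check ran, so the patch level from F5's advisory and the network restrictions on TMUI are what to confirm next.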

## What is F5 BIG-IP
The F5 BIG-IP DNS uses topology-based load balancing to inspect a user's IP and determine the most efficient data center. The term load balancing can also refer to file servers, when file protocol requests are distributed across file servers to overcome the capacity, bandwidth, or CPU limitations of any single system.

That one singular quote should give you an idea VERY quickly why this is a critical vulnerability, especially mixed with the simplicity of the attack seen below.

## CVE-2020-5902
This is a critical CVSS 10.0 vulnerability discovered in F5 BIG-IP systems, in versions 5.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1. To exploit it, the attacker needs to send a specifically crafted HTTP request to the server hosting the Traffic Management User Interface (TMUI) utility for BIG-IP configuration.

More information on the vulnerability can be found from F5 support here: https://support.f5.com/csp/article/K52145254

## Exploitation
The exploitation is straightforward, simplistic and currently very public, using a simple GET request or a curl command that can be done by any skid with an up-to-date Windows command prompt:

## Acknowledgement
This tool was written by me, CyberViking, and a fellow researcher who wanted to remain nameless, you know who you are, you beautiful bitch.

If you have any suggestions, hit me up [@TheCyberViking](https://twitter.com/TheCyberViking)
File Snapshot

[4.0K] /data/pocs/9ebc2730b8299274f18bbce1d2518ce8c0f43b69
├── [ 932] F5pocscan.py
├── [1.0K] LICENSE
└── [2.2K] README.md

0 directories, 3 files