Breaking the network security and bypassing F5 BIG-IP firewall via this flaw

Pentest training specialists report the finding of a critical vulnerability in the BIG-IP product branch of the tech company F5 Networks, specializing in application services and application delivery networks. According to the report, successful exploitation of this flaw would allow code execution on the affected system. 

The products affected by this flaw are: BIG-IP LTM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP FPS, BIG-IP GTM, BIG-IP PEM, BIG-IP AAM, BIG-IP DNS and BIG-IP Link Controller. Below is a brief overview of the reported flaw in addition to its score and tracking key based on the Common Vulnerability Scoring System (CVSS).

Tracked as CVE-2020-5902, this flaw exists due to insufficient input validation on unreleased pages in the Traffic Management User Interface (TMUI), which would lead to the execution of arbitrary shell commands on the target system.

Pentest training experts mention that an unauthenticated threat actor could pass specially designed data to the application to complete the attack. Successful exploitation of this vulnerability can result in a total commitment of the vulnerable system.

Although the flaw received a score of 8.5/10 and can be exploited remotely by unauthenticated threat actors, no exploit attempts have been detected in real-world scenarios. Pentest training experts have also not detected any useful malware variants to trigger the attack.

The flaw has already been fixed, so F5 recommends users to verify their correct installation. The full list of vulnerable products is available on the manufacturer’s website.

For further reports on vulnerabilities, exploits, malware variants and computer security risks, it is recommended to enter the website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.