Forwarded from BlackBox (Security) Archiv
F5 Big-IP RCE writeup + full exploit
When TEAMARES began research into the vulnerability identified in the F5 TMUI RCE vulnerability advisory released last month, we initially started by reading the advisory and mitigation steps, which contained minimal details but included key pieces of information needed to kick off our research. The advisory states that the vulnerability impacts a variety of capabilities when exploited, including the ability to execute arbitrary Java code, which stood out to us.
π ππΌ https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/
π ππΌ https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902
#f5 #ip #remote #code #execution #exploit #teamares #poc #writeup
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
When TEAMARES began research into the vulnerability identified in the F5 TMUI RCE vulnerability advisory released last month, we initially started by reading the advisory and mitigation steps, which contained minimal details but included key pieces of information needed to kick off our research. The advisory states that the vulnerability impacts a variety of capabilities when exploited, including the ability to execute arbitrary Java code, which stood out to us.
π ππΌ https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/
π ππΌ https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902
#f5 #ip #remote #code #execution #exploit #teamares #poc #writeup
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Forwarded from BlackBox (Security) Archiv
This media is not supported in your browser
VIEW IN TELEGRAM
Allow arbitrary URLs, expect arbitrary code execution
We found and reported 1-click code execution vulnerabilities in popular software including Telegram, Nextcloud, VLC, Libre-/OpenOffice, Bitcoin/Dogecoin Wallets, Wireshark and Mumble
Desktop applications which pass user supplied URLs to be opened by the operating system are frequently vulnerable to code execution with user interaction
Code execution can be achieved either when a URL pointing to a malicious executable (.desktop, .jar, .exe, β¦) hosted on an internet accessible file share (nfs, webdav, smb, β¦) is opened, or an additional vulnerability in the opened applicationβs URI handler is exploited
Vulnerabilities following this pattern have already been found in other software, with more expected to be revealed going forward
https://positive.security/blog/url-open-rce
#vulnerabilities #url #arbitrary #code #execution #poc #video
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
We found and reported 1-click code execution vulnerabilities in popular software including Telegram, Nextcloud, VLC, Libre-/OpenOffice, Bitcoin/Dogecoin Wallets, Wireshark and Mumble
Desktop applications which pass user supplied URLs to be opened by the operating system are frequently vulnerable to code execution with user interaction
Code execution can be achieved either when a URL pointing to a malicious executable (.desktop, .jar, .exe, β¦) hosted on an internet accessible file share (nfs, webdav, smb, β¦) is opened, or an additional vulnerability in the opened applicationβs URI handler is exploited
Vulnerabilities following this pattern have already been found in other software, with more expected to be revealed going forward
https://positive.security/blog/url-open-rce
#vulnerabilities #url #arbitrary #code #execution #poc #video
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag