""ET EXPLOIT F5 TMUI RCE vulnerability CVE-2020-5902 Attempt M2""
SID: 2030483
Revision: 2
Class Type: attempted-admin
Metadata: attack_target Networking_Equipment, created_at 2020_07_08, cve CVE_2020_5902, deployment Perimeter, deployment SSLDecrypt, signature_severity Critical, updated_at 2020_07_08
Reference:
Protocol: tcp
Source Network: any
Source Port: any
Destination Network: any
Destination Port: $HTTP_PORTS
Flow: established,to_server
Contents:
-
Value: "/hsqldb" Depth: 7
-
Value: "|3b|"
Within:
PCRE:
Special Options:
-
http_uri
-
fast_pattern
-
http_uri