Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 10 Jun 2026 12:17:17 +0000 198cbcc1-8d48-4968-8747-94c12feb6f2a https://vulnerability.circl.lu/sighting/198cbcc1-8d48-4968-8747-94c12feb6f2a/export {"uuid": "198cbcc1-8d48-4968-8747-94c12feb6f2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5948", "type": "seen", "source": "https://t.me/cibsecurity/20556", "content": "\u203c CVE-2020-5948 \u203c\n\nOn BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T00:35:54.000000Z"} {"uuid": "198cbcc1-8d48-4968-8747-94c12feb6f2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5948", "type": "seen", "source": "https://t.me/cibsecurity/20556", "content": "\u203c CVE-2020-5948 \u203c\n\nOn BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T00:35:54.000000Z"} https://vulnerability.circl.lu/sighting/198cbcc1-8d48-4968-8747-94c12feb6f2a/export Sat, 12 Dec 2020 00:35:54 +0000 e25a8eaa-cd81-48a3-8146-21e99ea5d6b4 https://vulnerability.circl.lu/sighting/e25a8eaa-cd81-48a3-8146-21e99ea5d6b4/export {"uuid": "e25a8eaa-cd81-48a3-8146-21e99ea5d6b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5948", "type": "seen", "source": "https://t.me/cibsecurity/20576", "content": "\u203c CVE-2020-5948 \u203c\n\nOn BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T00:45:47.000000Z"} {"uuid": "e25a8eaa-cd81-48a3-8146-21e99ea5d6b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5948", "type": "seen", "source": "https://t.me/cibsecurity/20576", "content": "\u203c CVE-2020-5948 \u203c\n\nOn BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T00:45:47.000000Z"} https://vulnerability.circl.lu/sighting/e25a8eaa-cd81-48a3-8146-21e99ea5d6b4/export Sat, 12 Dec 2020 00:45:47 +0000 a0bf591c-4fdb-4fd7-8651-53486f4ac9de https://vulnerability.circl.lu/sighting/a0bf591c-4fdb-4fd7-8651-53486f4ac9de/export {"uuid": "a0bf591c-4fdb-4fd7-8651-53486f4ac9de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5948", "type": "seen", "source": "https://t.me/cibsecurity/20595", "content": "\u203c CVE-2020-5948 \u203c\n\nOn BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T01:05:06.000000Z"} {"uuid": "a0bf591c-4fdb-4fd7-8651-53486f4ac9de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5948", "type": "seen", "source": "https://t.me/cibsecurity/20595", "content": "\u203c CVE-2020-5948 \u203c\n\nOn BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T01:05:06.000000Z"} https://vulnerability.circl.lu/sighting/a0bf591c-4fdb-4fd7-8651-53486f4ac9de/export Sat, 12 Dec 2020 01:05:06 +0000 cde784ff-398d-4af9-8016-1e1a73f5ff62 https://vulnerability.circl.lu/sighting/cde784ff-398d-4af9-8016-1e1a73f5ff62/export {"uuid": "cde784ff-398d-4af9-8016-1e1a73f5ff62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5948", "type": "seen", "source": "https://t.me/cibsecurity/20615", "content": "\u203c CVE-2020-5948 \u203c\n\nOn BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T01:25:14.000000Z"} {"uuid": "cde784ff-398d-4af9-8016-1e1a73f5ff62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5948", "type": "seen", "source": "https://t.me/cibsecurity/20615", "content": "\u203c CVE-2020-5948 \u203c\n\nOn BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T01:25:14.000000Z"} https://vulnerability.circl.lu/sighting/cde784ff-398d-4af9-8016-1e1a73f5ff62/export Sat, 12 Dec 2020 01:25:14 +0000 d37ecd2a-9b34-4e58-adc0-de3361f9223d https://vulnerability.circl.lu/sighting/d37ecd2a-9b34-4e58-adc0-de3361f9223d/export {"uuid": "d37ecd2a-9b34-4e58-adc0-de3361f9223d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5948", "type": "seen", "source": "https://t.me/cibsecurity/20635", "content": "\u203c CVE-2020-5948 \u203c\n\nOn BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T02:25:20.000000Z"} {"uuid": "d37ecd2a-9b34-4e58-adc0-de3361f9223d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5948", "type": "seen", "source": "https://t.me/cibsecurity/20635", "content": "\u203c CVE-2020-5948 \u203c\n\nOn BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T02:25:20.000000Z"} https://vulnerability.circl.lu/sighting/d37ecd2a-9b34-4e58-adc0-de3361f9223d/export Sat, 12 Dec 2020 02:25:20 +0000 4457c6dc-17cd-40c9-b65a-fde0657b098b https://vulnerability.circl.lu/sighting/4457c6dc-17cd-40c9-b65a-fde0657b098b/export {"uuid": "4457c6dc-17cd-40c9-b65a-fde0657b098b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5948", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2306", "content": "F5 Big IP Vulnerabilities:\n1. F5 TMUI XSS vulnerability (CVE-2020-5948)\nhttps://support.f5.com/csp/article/K42696541\n]-> Restricting access to the Configuration utility by source IP address (11.x-16.x)\nhttps://support.f5.com/csp/article/K13309\n]-> Overview of securing access to the BIG-IP system\n2. BIG-IP LTM vulnerability (CVE-2020-5949)\nhttps://support.f5.com/csp/article/K20984059\n]-> Configuring SYN cookie protection (13.x-16.x)\nhttps://support.f5.com/csp/article/K74451051", "creation_timestamp": "2020-12-16T12:01:59.000000Z"} {"uuid": "4457c6dc-17cd-40c9-b65a-fde0657b098b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5948", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2306", "content": "F5 Big IP Vulnerabilities:\n1. F5 TMUI XSS vulnerability (CVE-2020-5948)\nhttps://support.f5.com/csp/article/K42696541\n]-> Restricting access to the Configuration utility by source IP address (11.x-16.x)\nhttps://support.f5.com/csp/article/K13309\n]-> Overview of securing access to the BIG-IP system\n2. BIG-IP LTM vulnerability (CVE-2020-5949)\nhttps://support.f5.com/csp/article/K20984059\n]-> Configuring SYN cookie protection (13.x-16.x)\nhttps://support.f5.com/csp/article/K74451051", "creation_timestamp": "2020-12-16T12:01:59.000000Z"} https://vulnerability.circl.lu/sighting/4457c6dc-17cd-40c9-b65a-fde0657b098b/export Wed, 16 Dec 2020 12:01:59 +0000 632df8d9-bba9-4b60-9147-9d1610e91c1d https://vulnerability.circl.lu/sighting/632df8d9-bba9-4b60-9147-9d1610e91c1d/export {"uuid": "632df8d9-bba9-4b60-9147-9d1610e91c1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5948", "type": "seen", "source": "https://t.me/CyberGovIL/1015", "content": "\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d1\u05de\u05d5\u05e6\u05e8 BIG-IP \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea Com2676 | F5\n\n\u05d7\u05d1\u05e8\u05ea F5 \u05e4\u05e8\u05e1\u05de\u05d4 \u05dc\u05d0\u05d7\u05e8\u05d5\u05e0\u05d4 \u05d4\u05ea\u05e8\u05e2\u05ea \u05d0\u05d1\u05d8\u05d7\u05d4 \u05e2\u05d1\u05d5\u05e8 \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05e9\u05d4\u05ea\u05d2\u05dc\u05ea\u05d4 \u05d1\u05e6\u05d9\u05d5\u05d3 \u05de\u05e1\u05d5\u05d2 BIG-IP \u05de\u05ea\u05d5\u05e6\u05e8\u05ea\u05d4.\n\n\u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea (CVE-2020-5948) \u05e2\u05dc\u05d5\u05dc\u05d4 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05ea\u05e7\u05d9\u05e4\u05d4 \u05de\u05e1\u05d5\u05d2 Reflected XSS, \u05db\u05e0\u05d2\u05d3 \u05de\u05de\u05e9\u05e7 \u05d4\u05e0\u05d9\u05d4\u05d5\u05dc, \u05d1\u05d0\u05de\u05e6\u05e2\u05d5\u05ea \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e9\u05dc\u05d0 \u05e4\u05d5\u05e8\u05d8\u05d4 \u05d1-iControl REST.\n\n\u05d0\u05dd \u05dc\u05de\u05e9\u05ea\u05de\u05e9 \u05d4\u05de\u05d5\u05ea\u05e7\u05e3 \u05d9\u05e9 \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea \u05de\u05e0\u05d4\u05dc\u05df, \u05d4\u05de\u05ea\u05e7\u05e4\u05d4 \u05e2\u05dc\u05d5\u05dc\u05d4 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05dc\u05ea\u05d5\u05e7\u05e3 \u05d4\u05e9\u05ea\u05dc\u05d8\u05d5\u05ea \u05de\u05dc\u05d0\u05d4 \u05e2\u05dc \u05d4\u05e6\u05d9\u05d5\u05d3.", "creation_timestamp": "2020-12-21T15:51:26.000000Z"} {"uuid": "632df8d9-bba9-4b60-9147-9d1610e91c1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5948", "type": "seen", "source": "https://t.me/CyberGovIL/1015", "content": "\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d1\u05de\u05d5\u05e6\u05e8 BIG-IP \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea Com2676 | F5\n\n\u05d7\u05d1\u05e8\u05ea F5 \u05e4\u05e8\u05e1\u05de\u05d4 \u05dc\u05d0\u05d7\u05e8\u05d5\u05e0\u05d4 \u05d4\u05ea\u05e8\u05e2\u05ea \u05d0\u05d1\u05d8\u05d7\u05d4 \u05e2\u05d1\u05d5\u05e8 \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05e9\u05d4\u05ea\u05d2\u05dc\u05ea\u05d4 \u05d1\u05e6\u05d9\u05d5\u05d3 \u05de\u05e1\u05d5\u05d2 BIG-IP \u05de\u05ea\u05d5\u05e6\u05e8\u05ea\u05d4.\n\n\u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea (CVE-2020-5948) \u05e2\u05dc\u05d5\u05dc\u05d4 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05ea\u05e7\u05d9\u05e4\u05d4 \u05de\u05e1\u05d5\u05d2 Reflected XSS, \u05db\u05e0\u05d2\u05d3 \u05de\u05de\u05e9\u05e7 \u05d4\u05e0\u05d9\u05d4\u05d5\u05dc, \u05d1\u05d0\u05de\u05e6\u05e2\u05d5\u05ea \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e9\u05dc\u05d0 \u05e4\u05d5\u05e8\u05d8\u05d4 \u05d1-iControl REST.\n\n\u05d0\u05dd \u05dc\u05de\u05e9\u05ea\u05de\u05e9 \u05d4\u05de\u05d5\u05ea\u05e7\u05e3 \u05d9\u05e9 \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea \u05de\u05e0\u05d4\u05dc\u05df, \u05d4\u05de\u05ea\u05e7\u05e4\u05d4 \u05e2\u05dc\u05d5\u05dc\u05d4 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05dc\u05ea\u05d5\u05e7\u05e3 \u05d4\u05e9\u05ea\u05dc\u05d8\u05d5\u05ea \u05de\u05dc\u05d0\u05d4 \u05e2\u05dc \u05d4\u05e6\u05d9\u05d5\u05d3.", "creation_timestamp": "2020-12-21T15:51:26.000000Z"} https://vulnerability.circl.lu/sighting/632df8d9-bba9-4b60-9147-9d1610e91c1d/export Mon, 21 Dec 2020 15:51:26 +0000 6cbc4962-6824-4b25-9875-506989b84efd https://vulnerability.circl.lu/sighting/6cbc4962-6824-4b25-9875-506989b84efd/export {"uuid": "6cbc4962-6824-4b25-9875-506989b84efd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5948", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityIL/1385", "content": "\u05de\u05e2\u05e8\u05da \u05d4\u05e1\u05d9\u05d9\u05d1\u05e8 \u05d4\u05dc\u05d0\u05d5\u05de\u05d9:\n\n\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d1\u05de\u05d5\u05e6\u05e8 BIG-IP \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea F5. \n\n\u05e9\u05dc\u05d5\u05dd \u05e8\u05d1,\n\n1. \u05d7\u05d1\u05e8\u05ea F5 \u05e4\u05e8\u05e1\u05de\u05d4 \u05dc\u05d0\u05d7\u05e8\u05d5\u05e0\u05d4 \u05d4\u05ea\u05e8\u05e2\u05ea \u05d0\u05d1\u05d8\u05d7\u05d4 \u05e2\u05d1\u05d5\u05e8 \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05e9\u05d4\u05ea\u05d2\u05dc\u05ea\u05d4 \u05d1\u05e6\u05d9\u05d5\u05d3 \u05de\u05e1\u05d5\u05d2 BIG-IP \u05de\u05ea\u05d5\u05e6\u05e8\u05ea\u05d4.\n\n2. \u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea (CVE-2020-5948) \u05e2\u05dc\u05d5\u05dc\u05d4 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05ea\u05e7\u05d9\u05e4\u05d4 \u05de\u05e1\u05d5\u05d2 Reflected XSS, \u05db\u05e0\u05d2\u05d3 \u05de\u05de\u05e9\u05e7 \u05d4\u05e0\u05d9\u05d4\u05d5\u05dc, \u05d1\u05d0\u05de\u05e6\u05e2\u05d5\u05ea \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e9\u05dc\u05d0 \u05e4\u05d5\u05e8\u05d8\u05d4 \u05d1-iControl REST.\n\n3. \u05d0\u05dd \u05dc\u05de\u05e9\u05ea\u05de\u05e9 \u05d4\u05de\u05d5\u05ea\u05e7\u05e3 \u05d9\u05e9 \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea \u05de\u05e0\u05d4\u05dc\u05df, \u05d4\u05de\u05ea\u05e7\u05e4\u05d4 \u05e2\u05dc\u05d5\u05dc\u05d4 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05dc\u05ea\u05d5\u05e7\u05e3 \u05d4\u05e9\u05ea\u05dc\u05d8\u05d5\u05ea \u05de\u05dc\u05d0\u05d4 \u05e2\u05dc \u05d4\u05e6\u05d9\u05d5\u05d3.", "creation_timestamp": "2020-12-21T16:05:56.000000Z"} {"uuid": "6cbc4962-6824-4b25-9875-506989b84efd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5948", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityIL/1385", "content": "\u05de\u05e2\u05e8\u05da \u05d4\u05e1\u05d9\u05d9\u05d1\u05e8 \u05d4\u05dc\u05d0\u05d5\u05de\u05d9:\n\n\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d1\u05de\u05d5\u05e6\u05e8 BIG-IP \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea F5. \n\n\u05e9\u05dc\u05d5\u05dd \u05e8\u05d1,\n\n1. \u05d7\u05d1\u05e8\u05ea F5 \u05e4\u05e8\u05e1\u05de\u05d4 \u05dc\u05d0\u05d7\u05e8\u05d5\u05e0\u05d4 \u05d4\u05ea\u05e8\u05e2\u05ea \u05d0\u05d1\u05d8\u05d7\u05d4 \u05e2\u05d1\u05d5\u05e8 \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05e9\u05d4\u05ea\u05d2\u05dc\u05ea\u05d4 \u05d1\u05e6\u05d9\u05d5\u05d3 \u05de\u05e1\u05d5\u05d2 BIG-IP \u05de\u05ea\u05d5\u05e6\u05e8\u05ea\u05d4.\n\n2. \u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea (CVE-2020-5948) \u05e2\u05dc\u05d5\u05dc\u05d4 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05ea\u05e7\u05d9\u05e4\u05d4 \u05de\u05e1\u05d5\u05d2 Reflected XSS, \u05db\u05e0\u05d2\u05d3 \u05de\u05de\u05e9\u05e7 \u05d4\u05e0\u05d9\u05d4\u05d5\u05dc, \u05d1\u05d0\u05de\u05e6\u05e2\u05d5\u05ea \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e9\u05dc\u05d0 \u05e4\u05d5\u05e8\u05d8\u05d4 \u05d1-iControl REST.\n\n3. \u05d0\u05dd \u05dc\u05de\u05e9\u05ea\u05de\u05e9 \u05d4\u05de\u05d5\u05ea\u05e7\u05e3 \u05d9\u05e9 \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea \u05de\u05e0\u05d4\u05dc\u05df, \u05d4\u05de\u05ea\u05e7\u05e4\u05d4 \u05e2\u05dc\u05d5\u05dc\u05d4 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05dc\u05ea\u05d5\u05e7\u05e3 \u05d4\u05e9\u05ea\u05dc\u05d8\u05d5\u05ea \u05de\u05dc\u05d0\u05d4 \u05e2\u05dc \u05d4\u05e6\u05d9\u05d5\u05d3.", "creation_timestamp": "2020-12-21T16:05:56.000000Z"} https://vulnerability.circl.lu/sighting/6cbc4962-6824-4b25-9875-506989b84efd/export Mon, 21 Dec 2020 16:05:56 +0000 71b0bc82-5b37-416f-8504-e8a26d11557d https://vulnerability.circl.lu/sighting/71b0bc82-5b37-416f-8504-e8a26d11557d/export {"uuid": "71b0bc82-5b37-416f-8504-e8a26d11557d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5948", "type": "seen", "source": "https://t.me/CyberSecurityIL/513", "content": "\u05de\u05e2\u05e8\u05da \u05d4\u05e1\u05d9\u05d9\u05d1\u05e8 \u05d4\u05dc\u05d0\u05d5\u05de\u05d9:\n\n\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d1\u05de\u05d5\u05e6\u05e8 BIG-IP \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea F5. \n\n\u05e9\u05dc\u05d5\u05dd \u05e8\u05d1,\n\n1. \u05d7\u05d1\u05e8\u05ea F5 \u05e4\u05e8\u05e1\u05de\u05d4 \u05dc\u05d0\u05d7\u05e8\u05d5\u05e0\u05d4 \u05d4\u05ea\u05e8\u05e2\u05ea \u05d0\u05d1\u05d8\u05d7\u05d4 \u05e2\u05d1\u05d5\u05e8 \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05e9\u05d4\u05ea\u05d2\u05dc\u05ea\u05d4 \u05d1\u05e6\u05d9\u05d5\u05d3 \u05de\u05e1\u05d5\u05d2 BIG-IP \u05de\u05ea\u05d5\u05e6\u05e8\u05ea\u05d4.\n\n2. \u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea (CVE-2020-5948) \u05e2\u05dc\u05d5\u05dc\u05d4 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05ea\u05e7\u05d9\u05e4\u05d4 \u05de\u05e1\u05d5\u05d2 Reflected XSS, \u05db\u05e0\u05d2\u05d3 \u05de\u05de\u05e9\u05e7 \u05d4\u05e0\u05d9\u05d4\u05d5\u05dc, \u05d1\u05d0\u05de\u05e6\u05e2\u05d5\u05ea \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e9\u05dc\u05d0 \u05e4\u05d5\u05e8\u05d8\u05d4 \u05d1-iControl REST.\n\n3. \u05d0\u05dd \u05dc\u05de\u05e9\u05ea\u05de\u05e9 \u05d4\u05de\u05d5\u05ea\u05e7\u05e3 \u05d9\u05e9 \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea \u05de\u05e0\u05d4\u05dc\u05df, \u05d4\u05de\u05ea\u05e7\u05e4\u05d4 \u05e2\u05dc\u05d5\u05dc\u05d4 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05dc\u05ea\u05d5\u05e7\u05e3 \u05d4\u05e9\u05ea\u05dc\u05d8\u05d5\u05ea \u05de\u05dc\u05d0\u05d4 \u05e2\u05dc \u05d4\u05e6\u05d9\u05d5\u05d3.", "creation_timestamp": "2020-12-21T16:05:56.000000Z"} {"uuid": "71b0bc82-5b37-416f-8504-e8a26d11557d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5948", "type": "seen", "source": "https://t.me/CyberSecurityIL/513", "content": "\u05de\u05e2\u05e8\u05da \u05d4\u05e1\u05d9\u05d9\u05d1\u05e8 \u05d4\u05dc\u05d0\u05d5\u05de\u05d9:\n\n\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d1\u05de\u05d5\u05e6\u05e8 BIG-IP \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea F5. \n\n\u05e9\u05dc\u05d5\u05dd \u05e8\u05d1,\n\n1. \u05d7\u05d1\u05e8\u05ea F5 \u05e4\u05e8\u05e1\u05de\u05d4 \u05dc\u05d0\u05d7\u05e8\u05d5\u05e0\u05d4 \u05d4\u05ea\u05e8\u05e2\u05ea \u05d0\u05d1\u05d8\u05d7\u05d4 \u05e2\u05d1\u05d5\u05e8 \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05e9\u05d4\u05ea\u05d2\u05dc\u05ea\u05d4 \u05d1\u05e6\u05d9\u05d5\u05d3 \u05de\u05e1\u05d5\u05d2 BIG-IP \u05de\u05ea\u05d5\u05e6\u05e8\u05ea\u05d4.\n\n2. \u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea (CVE-2020-5948) \u05e2\u05dc\u05d5\u05dc\u05d4 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05ea\u05e7\u05d9\u05e4\u05d4 \u05de\u05e1\u05d5\u05d2 Reflected XSS, \u05db\u05e0\u05d2\u05d3 \u05de\u05de\u05e9\u05e7 \u05d4\u05e0\u05d9\u05d4\u05d5\u05dc, \u05d1\u05d0\u05de\u05e6\u05e2\u05d5\u05ea \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e9\u05dc\u05d0 \u05e4\u05d5\u05e8\u05d8\u05d4 \u05d1-iControl REST.\n\n3. \u05d0\u05dd \u05dc\u05de\u05e9\u05ea\u05de\u05e9 \u05d4\u05de\u05d5\u05ea\u05e7\u05e3 \u05d9\u05e9 \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea \u05de\u05e0\u05d4\u05dc\u05df, \u05d4\u05de\u05ea\u05e7\u05e4\u05d4 \u05e2\u05dc\u05d5\u05dc\u05d4 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05dc\u05ea\u05d5\u05e7\u05e3 \u05d4\u05e9\u05ea\u05dc\u05d8\u05d5\u05ea \u05de\u05dc\u05d0\u05d4 \u05e2\u05dc \u05d4\u05e6\u05d9\u05d5\u05d3.", "creation_timestamp": "2020-12-21T16:05:56.000000Z"} https://vulnerability.circl.lu/sighting/71b0bc82-5b37-416f-8504-e8a26d11557d/export Mon, 21 Dec 2020 16:05:56 +0000 09df4960-744a-4136-b9d3-97908f09b2fa https://vulnerability.circl.lu/sighting/09df4960-744a-4136-b9d3-97908f09b2fa/export {"uuid": "09df4960-744a-4136-b9d3-97908f09b2fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5948", "type": "seen", "source": "https://t.me/CyberGovIL/1081", "content": "\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d1\u05de\u05d5\u05e6\u05e8 BIG-IP \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea F5\nhttps://www.gov.il/he/departments/publications/reports/bigip_f5\n\n\u05d7\u05d1\u05e8\u05ea F5 \u05e4\u05e8\u05e1\u05de\u05d4 \u05dc\u05d0\u05d7\u05e8\u05d5\u05e0\u05d4 \u05d4\u05ea\u05e8\u05e2\u05ea \u05d0\u05d1\u05d8\u05d7\u05d4 \u05e2\u05d1\u05d5\u05e8 \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05e9\u05d4\u05ea\u05d2\u05dc\u05ea\u05d4 \u05d1\u05e6\u05d9\u05d5\u05d3 \u05de\u05e1\u05d5\u05d2 BIG-IP \u05de\u05ea\u05d5\u05e6\u05e8\u05ea\u05d4.\u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea (CVE-2020-5948) \u05e2\u05dc\u05d5\u05dc\u05d4 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05ea\u05e7\u05d9\u05e4\u05d4 \u05de\u05e1\u05d5\u05d2 Reflected XSS, \u05db\u05e0\u05d2\u05d3 \u05de\u05de\u05e9\u05e7 \u05d4\u05e0\u05d9\u05d4\u05d5\u05dc, \u05d1\u05d0\u05de\u05e6\u05e2\u05d5\u05ea \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e9\u05dc\u05d0 \u05e4\u05d5\u05e8\u05d8\u05d4 \u05d1-iControl REST. \u05d0\u05dd \u05dc\u05de\u05e9\u05ea\u05de\u05e9 \u05d4\u05de\u05d5\u05ea\u05e7\u05e3 \u05d9\u05e9 \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea \u05de\u05e0\u05d4\u05dc\u05df, \u05d4\u05de\u05ea\u05e7\u05e4\u05d4 \u05e2\u05dc\u05d5\u05dc\u05d4 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05dc\u05ea\u05d5\u05e7\u05e3 \u05d4\u05e9\u05ea\u05dc\u05d8\u05d5\u05ea \u05de\u05dc\u05d0\u05d4 \u05e2\u05dc \u05d4\u05e6\u05d9\u05d5\u05d3.", "creation_timestamp": "2021-01-07T00:05:40.000000Z"} {"uuid": "09df4960-744a-4136-b9d3-97908f09b2fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-5948", "type": "seen", "source": "https://t.me/CyberGovIL/1081", "content": "\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d1\u05de\u05d5\u05e6\u05e8 BIG-IP \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea F5\nhttps://www.gov.il/he/departments/publications/reports/bigip_f5\n\n\u05d7\u05d1\u05e8\u05ea F5 \u05e4\u05e8\u05e1\u05de\u05d4 \u05dc\u05d0\u05d7\u05e8\u05d5\u05e0\u05d4 \u05d4\u05ea\u05e8\u05e2\u05ea \u05d0\u05d1\u05d8\u05d7\u05d4 \u05e2\u05d1\u05d5\u05e8 \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05e9\u05d4\u05ea\u05d2\u05dc\u05ea\u05d4 \u05d1\u05e6\u05d9\u05d5\u05d3 \u05de\u05e1\u05d5\u05d2 BIG-IP \u05de\u05ea\u05d5\u05e6\u05e8\u05ea\u05d4.\u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea (CVE-2020-5948) \u05e2\u05dc\u05d5\u05dc\u05d4 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05ea\u05e7\u05d9\u05e4\u05d4 \u05de\u05e1\u05d5\u05d2 Reflected XSS, \u05db\u05e0\u05d2\u05d3 \u05de\u05de\u05e9\u05e7 \u05d4\u05e0\u05d9\u05d4\u05d5\u05dc, \u05d1\u05d0\u05de\u05e6\u05e2\u05d5\u05ea \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e9\u05dc\u05d0 \u05e4\u05d5\u05e8\u05d8\u05d4 \u05d1-iControl REST. \u05d0\u05dd \u05dc\u05de\u05e9\u05ea\u05de\u05e9 \u05d4\u05de\u05d5\u05ea\u05e7\u05e3 \u05d9\u05e9 \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea \u05de\u05e0\u05d4\u05dc\u05df, \u05d4\u05de\u05ea\u05e7\u05e4\u05d4 \u05e2\u05dc\u05d5\u05dc\u05d4 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05dc\u05ea\u05d5\u05e7\u05e3 \u05d4\u05e9\u05ea\u05dc\u05d8\u05d5\u05ea \u05de\u05dc\u05d0\u05d4 \u05e2\u05dc \u05d4\u05e6\u05d9\u05d5\u05d3.", "creation_timestamp": "2021-01-07T00:05:40.000000Z"} https://vulnerability.circl.lu/sighting/09df4960-744a-4136-b9d3-97908f09b2fa/export Thu, 07 Jan 2021 00:05:40 +0000