This module exploits a directory traversal vulnerability in F5 BIG-IP Traffic Management User Interface (TMUI). The failure in URL parsing between Apache and Java (Tomcat) allows to perform a directory traversal to access the tmshCmd.jsp page. This page allows an authenticated user to execute commands. But, using the mentioned vulnerability, an unauthenticated attacker can run remote code on the underlying operating system an deploy an agent.
CVE Link
Exploit Platform
Exploit Type
Product Name