CVE-2008-0265

F5 TMOS - Cross-Site Scripting via SearchString Parameter in Web Management Interface

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0265. PoCs published by nnposter.

AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in F5 BIG-IP by injecting a malicious script via the SearchString parameter. The payload triggers an alert dialog, confirming the vulnerability.

Description

Multiple cross-site scripting (XSS) vulnerabilities in the Search function in the web management interface in F5 BIG-IP 9.4.3 allow remote attackers to inject arbitrary web script or HTML via the SearchString parameter to (1) list_system.jsp, (2) list_pktfilter.jsp, (3) list_ltm.jsp, (4) resources_audit.jsp, and (5) list_asm.jsp in tmui/Control/jspmap/tmui/system/log/; and (6) list.jsp in certain directories.

Exploits (1)

exploitdb WORKING POC VERIFIED

by nnposter · textremotehardware

https://www.exploit-db.com/exploits/31024

View Code ZIP pw:eip

This exploit demonstrates a cross-site scripting (XSS) vulnerability in F5 BIG-IP by injecting a malicious script via the SearchString parameter. The payload triggers an alert dialog, confirming the vulnerability.

Classification

Working Poc 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: F5 BIG-IP firmware version 9.4.3

No auth needed

Prerequisites: Access to a vulnerable F5 BIG-IP instance

MITRE ATT&CK