tux143
Jul 10, 2020Cirrus
TMUI RCE vulnerability CVE-2020-5902
I am trying to secure F5 from recent exploit. Reading here https://support.f5.com/csp/article/K52145254
Its setting up 404 Redirect to avoid that directory travel so question is do should i remove "include none" and replace that with following code? but following codes in very strange format so should i just copy paste them same way ?
include '
<LocationMatch ";">
Redirect 404 /
</LocationMatch>
<LocationMatch "hsqldb">
Redirect 404 /
</LocationMatch>
'