A remote code execution vulnerability exists in the iControl REST API feature of F5’s BIG-IP product. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands with root privileges.
Binary data f5_cve-2021-22986.nbin