A new vulnerability has emerged in the F5 BIG-IP security appliances that can allow an attacker to crash the device.
Rapid7 researchers discovered two code execution flaws in several versions of the F5 BIG-IP appliances.
F5 has patched more than 20 vulnerabilities in BIG-IP, including one that an attacker could use to take complete control of a target appliance.
Exploits for the critical F5 BIG-IP flaw (CVE-2022-1388) are now circulating online and malicious actors are scanning for it.
Full chain exploits are in use against a critical flaw (CVE-2021-22986) in the F5 BIG-IP system.