Application security company F5 Networks issues advisory warning of four critical vulnerabilities. The four critical flaws affect BIG-IP versions 11.6 or 12.1.x and newer, with a critical pre-auth remote code execution (CVE-2021-22986) also affecting BIG-IQ versions 6.5x and 7.0.3x. F5 said it’s not aware of any public exploitation of these issues. The fixes are notable for the fact that it’s the second time in as many years that F5 has revealed flaws.
Source: https://thehackernews.com/2021/03/critical-pre-auth-rce-flaw-found-in-f5.html