Security researchers have started posting proof-of-concept (PoC) exploits for the F5 BIG-IP vulnerability to illustrate how easy it is to exploit these devices. US Cyber Command issued an alert strongly advising that users install the update and not postpone it until after the Fourth of July holidays. The vulnerability allows a remote attacker to access the Traffic Management User Interface (TMUI) of the Big-IP application delivery controller (ADC) without authentication and perform remote code execution. F5 customers using the vulnerability include governments, Fortune 500 firms, banks, Internet services providers, and many consumer brands, including Microsoft, Oracle, and Facebook.
Source: https://www.bleepingcomputer.com/news/security/poc-exploits-released-for-f5-big-ip-vulnerabilities-patch-now/