An authenticated remote command execution vulnerability exists in the BIG-IP Configuration utility. (CVE-2021-23025)
Impact
This vulnerability may allow an authenticated attacker with network access to the Configuration utility through the BIG-IP management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only.
This vulnerability may result in complete system compromise.