A directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to access arbitrary files. (CVE-2021-23043)
Impact
An authenticated attacker may exploit this vulnerability by sending a crafted request to the BIG-IP Configuration utility. If the exploit is successful, an attacker can access arbitrary files in the web root.