From bleepingcomputer.com
A recently disclosed F5 BIG-IP vulnerability has been used in destructive attacks, attempting to erase a device’s file system and make the server unusable.
Last week, F5 disclosed a vulnerability tracked as CVE-2022-1388 that allows remote attackers to execute commands on BIG-IP network devices as ‘root’ without authentication. Due to the critical nature of the bug, F5 urged admins to apply updates as soon as possible.
A few days later, researchers began publicly publishing exploits on Twitter and GitHub, with threat actors soon using them in attacks across the Internet.