CVE-2021-22986: F5 BIG-IP and BIG-IQ Centralized Management iControl REST
F5 BIG-IP and BIG-IQ Centralized Management iControl REST Remote Code Execution Vulnerability. F5 BIG-IP and BIG-IQ Centralized Management contain a remote code execution vulnerability in the iControl REST interface that allows unauthenticated attackers with network access to execute system commands, create or delete files, and disable services.
- CISA KEV-listed (remediation due 2021-11-17)
- used in ransomware campaigns
- EPSS 94.5% (100.0% percentile)