Jonathan Chua, Application Security Consultant, nVisium:

“F5 Big IP has been targeted by security researchers and adversaries due to the vulnerable, external nature of the product. Several F5 application services can be hosted externally, allowing any internet user to attempt to connect to the service. Due to the ease of accessibility and the amount of publicly known vulnerabilities associated with F5 applications, the service becomes a prime target for adversaries to break into a company’s network via the external perimeter. An example of this is the F5 Traffic Management User Interface (TMUI), which is being actively exploited by adversaries. This service is often available on a company’s external perimeter and contains a critical remote code execution vulnerability. As a result, if the service is exploited, such service may provide external attackers an initial foothold in a company’s internal network.”

Read the entire article here!