If you have an F5, it's time to patch! Thanks Michele for the link to today's crop of F5 CVE's, which include an unauthenticated RCE against the API, and another RCE against "hidden" config pages! https://support.f5.com/csp/article/K02566623, (Wed, Mar 10th)

=============== Rob VandenBrink coherentsecurity.com

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Reposted from SANS. View original.