Two security vulnerabilities have been discovered in F5 Next Central Manager that could be exploited by a threat actor to seize control of the devices and create hidden rogue administrator accounts for persistence.
The remotely exploitable flaws “can give attackers full administrative control of the device, and subsequently allow attackers to create accounts on any F5 assets managed by the Next
Source:: The Hackers News