F5 has warned of a high-severity flaw impacting BIG-IP appliances that could lead to denial-of-service (DoS) or arbitrary code execution.
The issue is rooted in the iControl Simple Object Access Protocol (SOAP) interface and affects the following versions of BIG-IP -
13.1.5
14.1.4.6 - 14.1.5
15.1.5.1 - 15.1.8
16.1.2.2 - 16.1.3, and
17.0.0
"A format string vulnerability exists in iControl SOAP