F5 BIG-IP TMUI RCE via path traversal — unauthenticated execution as root. If unpatched during July 2020, treat the device as fully compromised. Restrict management interface to trusted IPs as permanent control.
In BIG-IP versions 15.0.0-15.1.0.3 and others, the Traffic Management User Interface (TMUI) has a remote code execution (RCE) vulnerability. Mass exploitation occurred immediately after disclosure.
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →