Critical F5 Central Manager Vulnerabilities Allow Enable Full Device Takeover

Two security vulnerabilities have been discovered in F5 Next Central Manager that could be exploited by a threat actor to seize control of the devices and create hidden rogue administrator accounts for persistence.
The remotely exploitable flaws "can give attackers full administrative control of the device, and subsequently allow attackers to create accounts on any F5 assets managed by the Next

accounts actor administrator attackers can control critical device devices enable exploited flaws hidden manager next persistence rogue security takeover threat threat actor vulnerabilities