BigIP F5 products are used by large corporations and governments all around the world. Its performance and load sharing capabilities has made it a preferred choice as reverse proxy to route web traffic in complex high performance projects. The F5 product contains a subset of rules written in a language called iRules developed from the scripting language TCL. TCL language interpretation is defined in a set of rules called the dodekalogue. Common misinterpretations of the dodekalogue often leaves iRules exposed to security vulnerabilities. An attacker can inject iRule code in to a request and force the load balancer to execute remote code, sniff connections or scan internal networks. Organizations using F5 with iRules will be made aware of how to find and avoid writing vulnerable code along with a demonstration of the consequences of post exploitation of this vulnerability. An attacker that successfully exploits iRule injections can gain a foothold in the F5 device memory, break out of the TCL interpreter and cause severe damage without leaving a trace in logging facilities. The research includes code scanning and automatic exploitation tools to detect and eliminate the iRule injection vulnerability from a running F5 instance.