Sometimes sessions are logged out unexpectedly at random intervals due to the "Fallback Host" being incorrectly configured as /vdesk/hangup.php3 in the HTTP profile.
False Positives: Many "exploit" reports involving hangup.php3
: This is a more recent (2022) Broken Access Control vulnerability in the /api/v1/vdesk_[DOMAIN]/export
Attackers typically target the script by appending shell commands to a vulnerable parameter.
Typical Attack Vector:
Scanner HTTP requests redirect to /vdesk/hangup.php3 - My F5
While the name "vdesk hangupphp3 exploit" is not an official CVE designation, it almost certainly refers to the critical in LIVEBOX Collaboration vDesk. This flaw, combined with other severe bugs like broken access control and 2FA bypasses, creates a perfect storm for attackers.
If an administrator with an active profile clicked a malicious link containing an unescaped string targeting these paths, the script executed commands directly within the administrative application context.
Session Fixation and Open Redirect Risks
Implementing Host Header Validation via Centralized Policy Management (CPM)
For systems that cannot be immediately updated, F5 provides specific iRules to mitigate vulnerabilities by filtering malicious traffic directed at /vdesk endpoints.