: If a scan flags /vdesk/hangup.php3 , verify if the target is an F5 BIG-IP APM instance. If so, the redirect is expected behavior.
The script passes user-supplied input directly into a system-level function (like ) without filtering shell metacharacters. vdesk hangupphp3 exploit
It allows attackers to trick authenticated users into executing malicious commands. : If a scan flags /vdesk/hangup