CVE-2014-3085
systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the lpres parameter.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.1572 (15.7%)
Percentil: 94.7%
EPSS: 2026-05-06
Afecta
ibm:global_console_manager_16_firmwareibm:global_console_manager_32_firmwareDescripción técnica
systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the lpres parameter.
Publicada: 17/8/2014, 23:55:06
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html
- http://www.exploit-db.com/exploits/34132/
- http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983
- https://exchange.xforce.ibmcloud.com/vulnerabilities/94091
- http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html
- http://www.exploit-db.com/exploits/34132/
- http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983
- https://exchange.xforce.ibmcloud.com/vulnerabilities/94091