Skip to main content

Global Console Manager 32 Firmware

4 CVEs product

Monthly

CVE-2014-3085 HIGH POC THREAT Act Now

systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 15.7%.

IBM Command Injection PHP Global Console Manager 16 Firmware Global Console Manager 32 Firmware
NVD Exploit-DB
CVSS 2.0
7.1
EPSS
15.7%
CVE-2014-3081 MEDIUM POC THREAT This Month

prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 10.8%.

IBM PHP Information Disclosure Global Console Manager 16 Firmware Global Console Manager 32 Firmware
NVD Exploit-DB
CVSS 2.0
6.3
EPSS
10.8%
CVE-2014-3080 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allow remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

IBM XSS PHP Global Console Manager 16 Firmware Global Console Manager 32 Firmware
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
9.4%
CVE-2013-0526 HIGH POC This Week

ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22575 on the IBM Avocent 1754 KVM switch allows remote authenticated users to execute arbitrary. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP Information Disclosure IBM Global Console Manager 16 Firmware Global Console Manager 32 Firmware
NVD Exploit-DB
CVSS 2.0
8.5
EPSS
9.4%
EPSS 16% CVSS 7.1
HIGH POC THREAT Act Now

systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 15.7%.

IBM Command Injection PHP +2
NVD Exploit-DB
EPSS 11% CVSS 6.3
MEDIUM POC THREAT This Month

prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 10.8%.

IBM PHP Information Disclosure +2
NVD Exploit-DB
EPSS 9% CVSS 4.3
MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allow remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

IBM XSS PHP +2
NVD Exploit-DB
EPSS 9% CVSS 8.5
HIGH POC This Week

ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22575 on the IBM Avocent 1754 KVM switch allows remote authenticated users to execute arbitrary. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP Information Disclosure IBM +2
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy