CVE-2013-0526
published 2013-08-21

Priority: P356, high, 8.5 (CVSS 2.0)
Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
EXPLOIT
EPSS: 6.07% (92.5th percentile)

ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22575 on the IBM Avocent 1754 KVM switch allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) count or (2) size parameter.

Affected

2 ranges
Vendor  Product                              Version range      Fixed in
ibm     global_console_manager_16_firmware   <= 1.18.0.22011
ibm     global_console_manager_32_firmware   <= 1.18.0.22011