CVE-2014-3085

Currently unrated

Key Information:

Vendor: IBM
Status: Global Console Manager 32 Firmware; Global Console Manager 16 Firmware
Vendor: CVE Published:; 17 August 2014

Summary

systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the lpres parameter.

References

http://packetstormsecurity.com/files/127543/IBM-1754-GCM-...

x_refsource_MISC

http://www.exploit-db.com/exploits/34132/

exploitx_refsource_EXPLOIT-DB

http://www.ibm.com/support/entry/portal/docdisplay?lndoci...

x_refsource_CONFIRM

Timeline

Vulnerability published
Aug 17, 2014
Vulnerability Reserved
Apr 29, 2014