IBM GCM16 / GCM32 Global Console Manager KVM Switch Firmware Version < 220.127.116.1175 Remote Code Execution
High Nessus Plugin ID 77002
SynopsisThe web interface running on the remote host is affected by a remote code execution vulnerability.
DescriptionAccording to its self-reported version, the remote host is an IBM Global Console Manager KVM switch with a firmware version prior to 18.104.22.16875. It is, therefore, affected by a remote code execution vulnerability that could allow an authenticated attacker to execute commands as root via the 'ping.php' script's 'count' and 'size' parameters.
SolutionUpgrade to firmware version 22.214.171.12475 or later.