Unrated severityNVD Advisory· Published Aug 21, 2013· Updated Apr 29, 2026

CVE-2013-0526

Description

ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22575 on the IBM Avocent 1754 KVM switch allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) count or (2) size parameter.

Affected products

IBM/Global Console Manager 16 Firmware
cpe:2.3:o:ibm:global_console_manager_16_firmware:*:*:*:*:*:*:*:*
Range: <=1.18.0.22011
IBM/Global Console Manager 32 Firmware
cpe:2.3:o:ibm:global_console_manager_32_firmware:*:*:*:*:*:*:*:*
Range: <=1.18.0.22011

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.ibm.com/support/entry/portal/docdisplaynvdVendor Advisory
www.bitcloud.es/2013/08/vulnerabilidad-en-kvms-gcm1632-de-ibm.htmlnvd
exchange.xforce.ibmcloud.com/vulnerabilities/85367nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.008
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000